Table of Contents

Search

  1. Preface
  2. Part 1: Introduction to Amazon Redshift connectors
  3. Part 2: Data Integration with Amazon Redshift V2 Connector
  4. Part 3: Data Integration with Amazon Redshift Connector

Amazon Redshift Connectors

Amazon Redshift Connectors

IAM authentication

IAM authentication

Optional. You can configure IAM authentication when the Secure Agent is installed on an Amazon Elastic Compute Cloud (EC2) system. Use IAM authentication for secure and controlled access to Amazon Redshift resources when you run mappings and
mapping
tasks.
Use IAM authentication when you want to run the mappings and
mapping
tasks on the Secure Agent installed on an EC2 system.
Perform the following steps to configure IAM authentication:
  1. Create minimal Amazon S3 bucket policy. For more information, see Create Minimal Amazon S3 Bucket Policy
  2. Create roles.
    • Create the Amazon EC2 role. Associate the minimal Amazon S3 bucket policy while creating the EC2 role. The Amazon EC2 role is used when you create or launch an EC2 instance. For more information about creating the Amazon EC2 role, see the AWS documentation.
    • Create the Amazon Redshift Role ARN for secure access to Amazon Redshift resources. Associate the minimal Amazon S3 bucket policy while creating the Amazon Redshift role. For more information about creating the Amazon Redshift Role ARN, see the AWS documentation.
      Use the same Amazon Redshift Role ARN in the UNLOAD and COPY commands.
  3. Assign the Amazon EC2 role that you created in step #2 to the EC2 instance.
  4. Assign the Amazon Redshift Role ARN to the Amazon Redshift cluster to successfully perform read and write operations using UNLOAD and COPY commands. For more information about adding the Amazon Redshift Role ARN to the Amazon Redshift cluster, see the AWS documentation.
  5. Install Secure Agent on the EC2 instance.
When you use a serverless runtime environment, you cannot configure IAM authentication.