Configuring AWS IAM Authentication for Amazon Redshift and Amazon Redshift V2 Connectors

Configuring AWS IAM Authentication for Amazon Redshift and Amazon Redshift V2 Connectors

Create a Minimal Amazon S3 Bucket Policy

Create a Minimal Amazon S3 Bucket Policy

The minimal Amazon S3 bucket policy restricts user operations and user access to a particular Amazon S3 bucket by assigning an AWS IAM policy to the users. You can configure the AWS IAM policy through the AWS console.
You can use the following minimum required actions when you use Amazon Redshift Connector and Amazon Redshift V2 Connector to successfully read data from and write data to Amazon Redshift resources:
  • PutObject
  • GetObject
  • DeleteObject
  • ListBucket
  • GetBucketPolicy
    Do not add the GetBucketPolicy permission in the Amazon S3 bucket policy when you use Amazon Redshift V2 Connector. Amazon Redshift V2 Connector does not support the GetBucketPolicy permission.
The following snippet shows a sample Amazon S3 bucket policy for Amazon Redshift Connector:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject","s3:DeleteObject", "s3:ListBucket", "s3:GetBucketPolicy" ], "Resource": [ "arn:aws:s3:::<bucket_name>/*", "arn:aws:s3:::<bucket_name>" ] } ] }
The following snippet shows a sample Amazon S3 bucket policy for Amazon Redshift V2 Connector:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": [ "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::<bucket_name>/*", "arn:aws:s3:::<bucket_name>" ] } ] }


Updated August 06, 2020