# Redshift

With Codatum, you can connect, query, and manage data of Redshift.

{% hint style="warning" %}
This feature is currently in preview. Functionality and availability may change without notice.

We'd love your feedback.
{% endhint %}

## How to Set Up

Redshift integration targets RA3 node clusters and serverless configurations.

### 1. Necessary preparations in AWS Console

#### 1. Grant the Necessary Privileges

Create a role for integration and grant privileges.

* Grant `USAGE` privilege on the schema you want to use to that role
* Grant `SELECT` privilege on the tables you want to use to that role
* Grant `SELECT` privilege on the system view `svv_table_info` to that role

#### 2. Create Secret in Secrets Manager

* Specify the Data Warehouse you want to connect to and create a Secret
* Add a tag named `RedshiftDataFullAccess` to the created Secret (Value can be empty)

#### **3. Create IAM User and Grant Policies**

* Create an IAM user for integration and grant the following policy

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DataAPIPermissions",
            "Effect": "Allow",
            "Action": [
                "redshift-data:BatchExecuteStatement",
                "redshift-data:ExecuteStatement",
                "redshift-data:CancelStatement",
                "redshift-data:ListStatements",
                "redshift-data:GetStatementResult",
                "redshift-data:DescribeStatement",
                "redshift-data:ListDatabases",
                "redshift-data:ListSchemas",
                "redshift-data:ListTables",
                "redshift-data:DescribeTable"
            ],
            "Resource": "*"
        },
        {
            "Sid": "SecretsManagerPermissions",
            "Effect": "Allow",
            "Action": [
                "secretsmanager:GetSecretValue"
            ],
            "Resource": [
                "Specify the Secret ARN created in step 1-2"
            ],
            "Condition": {
                "StringLike": {
                    "secretsmanager:ResourceTag/RedshiftDataFullAccess": "*"
                }
            }
        },
        {
            "Sid": "ServiceLinkedRole",
            "Effect": "Allow",
            "Action": "iam:CreateServiceLinkedRole",
            "Resource": "arn:aws:iam::*:role/aws-service-role/redshift-data.amazonaws.com/AWSServiceRoleForRedshift",
            "Condition": {
                "StringLike": {
                    "iam:AWSServiceName": "redshift-data.amazonaws.com"
                }
            }
        }
    ]
}
```

#### **4. Additional Steps Required Only for Serverless**

* Add a tag named `RedshiftDataFullAccess` to the Workgroup you want to integrate with (Value can be empty)
* Create the following policy in IAM and grant the following policy

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "ServerlessWorkgroupInfo",
            "Effect": "Allow",
            "Action": [
                "redshift-serverless:GetWorkgroup"
            ],
            "Resource": "*"
        }
    ]
}
```

### 2. Register Redshift connection in Codatum

Finally, create a Redshift connection in Codatum.

* Select `Add Connection` from `Connections` in `Workspace Settings`
* Enter `Connection Name`
* Select `Access Level`
* Enter `Account ID`
  * This is your AWS account ID.
* Enter `Region`
  * This is the region where your Redshift resources are located.
* Select `Connection Type`
  * If you select Cluster:
    * Enter `Cluster Identifier`
    * Enter `Default Database`
      * This is the target database for connection. This setting does not restrict queryable databases, schemas, or tables.
  * If you select Serverless:
    * Enter `Serverless Namespace`
    * Enter `Serverless Workgroup Name`
    * Enter `Default Database`
      * This is the target database for connection. This setting does not restrict queryable databases, schemas, or tables.
* Enter `AWS Access Key`
  * Use the access key of the IAM user prepared in Step 1.
* Enter `AWS Secret Access Key`
  * Use the secret access key of the IAM user prepared in Step 1.
* Enter `Secret ARN`
  * Use the Secret ARN of the Secret prepared in Step 1.

Once you have completed the input, perform a connection test and then save the connection.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.codatum.com/connect-and-manage-data/supported-warehouses/redshift.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.