Prerequisites for AWS Redshift connector¶
Mandatory Prerequisites¶
| Prerequisites | Detail |
|---|---|
| JDBC URL | Get the JDBC URL for the Redshift cluster. |
| JDBC username and password | Create a Redshift user with admin privileges which will be used exclusively by the Privacera Connector to manage access permissions. You can refer to this AWS Redshift documentation link. |
| Database, schema and table names | The database and schema names which should be managed. Initially you should enable managing access to a test schema with tables. Once you have tried all the use-cases, you can manage all the objects in your Redshift database cluster. |
| Users and groups to manage | The Privacera users and groups whose permissions in Redshift will be managed by the connector. |
Planned deployment¶
Redshift Roles
Privacera Connector for AWS Redshift will create Redshift Roles for the users, groups and roles in Privacera. The default naming convention for these Redshift roles is to prefix the role name with priv_.
Privacera connector will apply new permissions as per the policies defined in Privacera. The existing grants and permissions for the users, groups and roles in Redshift will not be removed by Privacera connector.
Existing grants and permissions
You will have to manually remove existing grants and permissions from Redshift. Similarly existing user to group or role mappings will not be removed by Privacera connector.
You can start by specifying a subset of schemas and tables to be managed by Privacera connector, and then you can later remove the restrictions to manage all the objects in your Redshift database cluster.
Similarly, you can start by specifying a subset of users and groups to be managed by Privacera connector, and then you can later remove the restrictions to manage all the users and groups in your Redshift database cluster.
If you have existing grants, you may want to convert them into Privacera policies and then remove the existing grants. Privacera Professional Services can help you with this conversion.