Make sure to replace {Region}, {Account}, and {ClusterIdentifier} in the above policy with the exact values for your AWS region, account, and cluster, respectively.
Replace {DbName} with the name of the database for which the above user has access.
Set up new IAM role
Sign in to your AWS Management Console and open the IAM console.
In the left navigation pane, click Roles followed by Create role.
Under Trusted entity type, select AWS account:
Select Another AWS account and under Account ID, enter 422074288268, the account ID associated with RudderStack.
Under Options check Require external ID and enter your workspace ID as the External ID.
RudderStack currently does not support MFA setting that restricts the role only to the users who sign in using multi-factor authentication (MFA). Hence, do not check the Require MFA option.
Review all settings carefully and click Next to proceed.
In the policy selection screen, add the policy created in the Create policy section.
Review all settings carefully and click Next to proceed.
Enter a unique name for your role. Note that this name cannot be distinguished by case. For example, you cannot create a role named RUDDERSTACK if rudderstack already exists.
You cannot edit the name of the role after it has been created.
Enter the role description.
To edit the use case or permissions for the role, click the Edit button next to the Step 1: Select trusted entities or Step 2: Add permissions, respectively.
Optional: You can also add metadata to the role by attaching tags as key-value pairs. For more information, refer to the Tagging IAM resources guide.
Click Create role to complete the setup.
Finally, note the ARN of this newly created role.
Use IAM role during Redshift setup
You can use the RudderStack IAM role to authenticate to Redshift for the following use cases:
Warehouse destination
Toggle on the Use IAM for authentication setting.
Specify the below settings:
Cluster identifier: Enter your AWS cluster ID.
Cluster region: Enter your AWS cluster region.
Enter the ARN of the RudderStack IAM role in the IAM role ARN setting.
This site uses cookies to improve your experience while you navigate through the website. Out of
these
cookies, the cookies that are categorized as necessary are stored on your browser as they are as
essential
for the working of basic functionalities of the website. We also use third-party cookies that
help
us
analyze and understand how you use this website. These cookies will be stored in your browser
only
with
your
consent. You also have the option to opt-out of these cookies. But opting out of some of these
cookies
may
have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This
category only includes cookies that ensures basic functionalities and security
features of the website. These cookies do not store any personal information.
This site uses cookies to improve your experience. If you want to
learn more about cookies and why we use them, visit our cookie
policy. We'll assume you're ok with this, but you can opt-out if you wish Cookie Settings.