AmazonDataZoneRedshiftManageAccessRolePolicy details (in AWS console)
Policy Name
AmazonDataZoneRedshiftManageAccessRolePolicy
Description
This policy gives Amazon DataZone permissions to publish Amazon Redshift data to the catalog. It also gives Amazon DataZone permissions to grant access or revoke access to Amazon Redshift or Amazon Redshift Serverless published assets in the catalog.
ARN
arn:aws:iam::aws:policy/service-role/AmazonDataZoneRedshiftManageAccessRolePolicy
Path
/service-role/
PolicyId
ANPAZKAPJZG4K6KUTPP6X
AttachmentCount
0
[
{
"Effect": "Allow",
"Action": [
"redshift-data:BatchExecuteStatement",
"redshift-data:DescribeTable",
"redshift-data:ExecuteStatement",
"redshift-data:ListTables",
"redshift-data:ListSchemas",
"redshift-data:ListDatabases"
],
"Resource": [
"arn:aws:redshift-serverless:*:*:workgroup/*",
"arn:aws:redshift:*:*:cluster:*"
]
},
{
"Effect": "Allow",
"Action": [
"secretsmanager:ListSecrets"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"redshift-serverless:GetWorkgroup"
],
"Resource": [
"arn:aws:redshift-serverless:*:*:workgroup/*"
]
},
{
"Effect": "Allow",
"Action": [
"redshift-serverless:GetNamespace"
],
"Resource": [
"arn:aws:redshift-serverless:*:*:namespace/*"
]
},
{
"Effect": "Allow",
"Action": [
"redshift-data:DescribeStatement",
"redshift-data:GetStatementResult",
"redshift:DescribeClusters"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"redshift:AuthorizeDataShare",
"redshift:DescribeDataShares"
],
"Resource": [
"arn:aws:redshift:*:*:datashare:*/datazone*"
]
},
{
"Effect": "Allow",
"Action": [
"redshift:AssociateDataShareConsumer"
],
"Resource": [
"arn:aws:redshift:*:*:datashare:*/datazone*"
]
}
]