Service: Amazon Redshift
Short Name:
redshift
ARN Format:
arn:aws:redshift:${Region}:${Account}:${RelativeId}ARN Regex:
^arn:aws:redshift:.+:.+:.+ReadOnlyAccess
…
AWSConfigRoleAction | Access | Reference | Description |
|---|---|---|---|
| redshift:DescribeClusterDbRevisions | Docs | Grants permission to describe database revisions for a cluster | |
| redshift:DescribeClusters | Docs | Grants permission to describe properties of provisioned clusters | |
| redshift:DescribeClusterTracks | Docs | Grants permission to describe available maintenance tracks | |
| redshift:DescribeCustomDomainAssociations | Docs | Grants permission to describe custom domain names for a cluster | |
| redshift:DescribeEvents | Docs | Grants permission to describe events related to clusters, security groups, snapshots, and parameter groups for the past 14 days | |
| redshift:DescribeInboundIntegrations | Docs | Grants permission to list the inbound integrations | |
| redshift:DescribeNodeConfigurationOptions | Docs | Grants permission to describe properties of possible node configurations such as node type, number of nodes, and disk usage for the specified action type | |
| redshift:DescribeRedshiftIdcApplications | Docs | Grants permission to describe redshift idc applications | |
| redshift:ListDatabases | Docs | Grants permission to list databases through the Amazon Redshift console | |
| redshift:ListSavedQueries | Docs | Grants permission to list saved queries through the Amazon Redshift console | |
| redshift:ListSchemas | Docs | Grants permission to list schemas through the Amazon Redshift console | |
| redshift:ListTables | Docs | Grants permission to list tables through the Amazon Redshift console | |
| redshift:ViewQueriesFromConsole | Docs | Grants permission to view query results through the Amazon Redshift console | |
| redshift:ViewQueriesInConsole | Docs | Grants permission to terminate running queries and loads through the Amazon Redshift console | |
| redshift:AuthorizeDataShare | Docs | Grants permission to authorize the specified datashare consumer to consume a datashare | |
| redshift:AuthorizeEndpointAccess | Docs | Grants permission to authorize endpoint related activities for redshift-managed vpc endpoint | |
| redshift:AuthorizeSnapshotAccess | Docs | Grants permission to the specified AWS account to restore a snapshot | |
| redshift:CreateClusterUser | Docs | Grants permission to automatically create the specified Amazon Redshift user if it does not exist | |
| redshift:CreateSnapshotCopyGrant | Docs | Grants permission to create a snapshot copy grant and encrypt copied snapshots in a destination AWS Region | |
| redshift:DeauthorizeDataShare | Docs | Grants permission to remove permission from the specified datashare consumer to consume a datashare | |
| redshift:DeleteResourcePolicy | Docs | Grants permission to delete the resource policy for a specified resource | |
| redshift:DescribeEndpointAuthorization | Docs | Grants permission to authorize describe activity for redshift-managed vpc endpoint | |
| redshift:JoinGroup | Docs | Grants permission to join the specified Amazon Redshift group | |
| redshift:ModifyClusterIamRoles | Docs | Grants permission to modify the list of AWS Identity and Access Management (IAM) roles that can be used by a cluster to access other AWS services | |
| redshift:PutResourcePolicy | Docs | Grants permission to update the resource policy for a specified resource | |
| redshift:RejectDataShare | Docs | Grants permission to decline a datashare shared from another account | |
| redshift:RevokeEndpointAccess | Docs | Grants permission to revoke access for endpoint related activities for redshift-managed vpc endpoint | |
| redshift:RevokeSnapshotAccess | Docs | Grants permission to revoke access from the specified AWS account to restore a snapshot | |
| redshift:DescribeAccountAttributes | Docs | Grants permission to describe attributes attached to the specified AWS account | |
| redshift:DescribeAuthenticationProfiles | Docs | Grants permission to describe created Amazon Redshift authentication profiles | |
| redshift:DescribeClusterParameterGroups | Docs | Grants permission to describe Amazon Redshift parameter groups, including parameter groups you created and the default parameter group | |
| redshift:DescribeClusterParameters | Docs | Grants permission to describe parameters contained within an Amazon Redshift parameter group | |
| redshift:DescribeClusterSecurityGroups | Docs | Grants permission to describe Amazon Redshift security groups | |
| redshift:DescribeClusterSnapshots | Docs | Grants permission to describe one or more snapshot objects, which contain metadata about your cluster snapshots | |
| redshift:DescribeClusterSubnetGroups | Docs | Grants permission to describe one or more cluster subnet group objects, which contain metadata about your cluster subnet groups | |
| redshift:DescribeClusterVersions | Docs | Grants permission to describe available Amazon Redshift cluster versions | |
| redshift:DescribeDataShares | Docs | Grants permission to describe datashares created and consumed by your clusters | |
| redshift:DescribeDataSharesForConsumer | Docs | Grants permission to describe only datashares consumed by your clusters | |
| redshift:DescribeDataSharesForProducer | Docs | Grants permission to describe only datashares created by your clusters | |
| redshift:DescribeDefaultClusterParameters | Docs | Grants permission to describe parameter settings for a parameter group family | |
| redshift:DescribeEndpointAccess | Docs | Grants permission to describe redshift-managed vpc endpoints | |
| redshift:DescribeEventCategories | Docs | Grants permission to describe event categories for all event source types, or for a specified source type | |
| redshift:DescribeEventSubscriptions | Docs | Grants permission to describe Amazon Redshift event notification subscriptions for the specified AWS account | |
| redshift:DescribeHsmClientCertificates | Docs | Grants permission to describe HSM client certificates | |
| redshift:DescribeHsmConfigurations | Docs | Grants permission to describe Amazon Redshift HSM configurations | |
| redshift:DescribeLoggingStatus | Docs | Grants permission to describe whether information, such as queries and connection attempts, is being logged for a cluster | |
| redshift:DescribeOrderableClusterOptions | Docs | Grants permission to describe orderable cluster options | |
| redshift:DescribePartners | Docs | Grants permission to retrieve information about the partner integrations defined for a cluster | |
| redshift:DescribeQuery | Docs | Grants permission to describe a query through the Amazon Redshift console | |
| redshift:DescribeReservedNodeExchangeStatus | Docs | Grants permission to describe exchange status details and associated metadata for a reserved-node exchange. Statuses include such values as in progress and requested | |
| redshift:DescribeReservedNodeOfferings | Docs | Grants permission to describe available reserved node offerings by Amazon Redshift | |
| redshift:DescribeReservedNodes | Docs | Grants permission to describe the reserved nodes | |
| redshift:DescribeResize | Docs | Grants permission to describe the last resize operation for a cluster | |
| redshift:DescribeSavedQueries | Docs | Grants permission to describe saved queries through the Amazon Redshift console | |
| redshift:DescribeScheduledActions | Docs | Grants permission to describe created Amazon Redshift scheduled actions | |
| redshift:DescribeSnapshotCopyGrants | Docs | Grants permission to describe snapshot copy grants owned by the specified AWS account in the destination AWS Region | |
| redshift:DescribeSnapshotSchedules | Docs | Grants permission to describe snapshot schedules | |
| redshift:DescribeStorage | Docs | Grants permission to describe account level backups storage size and provisional storage | |
| redshift:DescribeTable | Docs | Grants permission to describe a table through the Amazon Redshift console | |
| redshift:DescribeTableRestoreStatus | Docs | Grants permission to describe status of one or more table restore requests made using the RestoreTableFromClusterSnapshot API action | |
| redshift:DescribeTags | Docs | Grants permission to describe tags | |
| redshift:DescribeUsageLimits | Docs | Grants permission to describe usage limits | |
| redshift:FetchResults | Docs | Grants permission to fetch query results through the Amazon Redshift console | |
| redshift:GetReservedNodeExchangeConfigurationOptions | Docs | Grants permission to get the configuration options for the reserved-node exchange | |
| redshift:GetReservedNodeExchangeOfferings | Docs | Grants permission to get an array of DC2 ReservedNodeOfferings that matches the payment type, term, and usage price of the given DC1 reserved node | |
| redshift:GetResourcePolicy | Docs | Grants permission to get the resource policy for a specified resource | |
| redshift:CreateTags | Docs | Grants permission to add one or more tags to a specified resource | |
| redshift:DeleteTags | Docs | Grants permission to delete a tag or tags from a resource | |
| redshift:AcceptReservedNodeExchange | Docs | Grants permission to exchange a DC1 reserved node for a DC2 reserved node with no changes to the configuration | |
| redshift:AddPartner | Docs | Grants permission to add a partner integration to a cluster | |
| redshift:AssociateDataShareConsumer | Docs | Grants permission to associate a consumer to a datashare | |
| redshift:AuthorizeClusterSecurityGroupIngress | Docs | Grants permission to add an inbound (ingress) rule to an Amazon Redshift security group | |
| redshift:BatchDeleteClusterSnapshots | Docs | Grants permission to delete snapshots in a batch of size upto 100 | |
| redshift:BatchModifyClusterSnapshots | Docs | Grants permission to modify settings for a list of snapshots | |
| redshift:CancelQuery | Docs | Grants permission to cancel a query through the Amazon Redshift console | |
| redshift:CancelQuerySession | Docs | Grants permission to see queries in the Amazon Redshift console | |
| redshift:CancelResize | Docs | Grants permission to cancel a resize operation | |
| redshift:CopyClusterSnapshot | Docs | Grants permission to copy a cluster snapshot | |
| redshift:CreateAuthenticationProfile | Docs | Grants permission to create an Amazon Redshift authentication profile | |
| redshift:CreateCluster | Docs | Grants permission to create a cluster | |
| redshift:CreateClusterParameterGroup | Docs | Grants permission to create an Amazon Redshift parameter group | |
| redshift:CreateClusterSecurityGroup | Docs | Grants permission to create an Amazon Redshift security group | |
| redshift:CreateClusterSnapshot | Docs | Grants permission to create a manual snapshot of the specified cluster | |
| redshift:CreateClusterSubnetGroup | Docs | Grants permission to create an Amazon Redshift subnet group | |
| redshift:CreateCustomDomainAssociation | Docs | Grants permission to create a custom domain name for a cluster | |
| redshift:CreateEndpointAccess | Docs | Grants permission to create a redshift-managed vpc endpoint | |
| redshift:CreateEventSubscription | Docs | Grants permission to create an Amazon Redshift event notification subscription | |
| redshift:CreateHsmClientCertificate | Docs | Grants permission to create an HSM client certificate that a cluster uses to connect to an HSM | |
| redshift:CreateHsmConfiguration | Docs | Grants permission to create an HSM configuration that contains information required by a cluster to store and use database encryption keys in a hardware security module (HSM) | |
| redshift:CreateRedshiftIdcApplication | Docs | Grants permission to create a redshift idc application | |
| redshift:CreateSavedQuery | Docs | Grants permission to create saved SQL queries through the Amazon Redshift console | |
| redshift:CreateScheduledAction | Docs | Grants permission to create an Amazon Redshift scheduled action | |
| redshift:CreateSnapshotSchedule | Docs | Grants permission to create a snapshot schedule | |
| redshift:CreateUsageLimit | Docs | Grants permission to create a usage limit | |
| redshift:DeleteAuthenticationProfile | Docs | Grants permission to delete an Amazon Redshift authentication profile | |
| redshift:DeleteCluster | Docs | Grants permission to delete a previously provisioned cluster | |
| redshift:DeleteClusterParameterGroup | Docs | Grants permission to delete an Amazon Redshift parameter group | |
| redshift:DeleteClusterSecurityGroup | Docs | Grants permission to delete an Amazon Redshift security group | |
| redshift:DeleteClusterSnapshot | Docs | Grants permission to delete a manual snapshot | |
| redshift:DeleteClusterSubnetGroup | Docs | Grants permission to delete a cluster subnet group | |
| redshift:DeleteCustomDomainAssociation | Docs | Grants permission to delete a custom domain name for a cluster | |
| redshift:DeleteEndpointAccess | Docs | Grants permission to delete a redshift-managed vpc endpoint | |
| redshift:DeleteEventSubscription | Docs | Grants permission to delete an Amazon Redshift event notification subscription | |
| redshift:DeleteHsmClientCertificate | Docs | Grants permission to delete an HSM client certificate | |
| redshift:DeleteHsmConfiguration | Docs | Grants permission to delete an Amazon Redshift HSM configuration | |
| redshift:DeletePartner | Docs | Grants permission to delete a partner integration from a cluster | |
| redshift:DeleteRedshiftIdcApplication | Docs | Grants permission to delete a redshift idc application | |
| redshift:DeleteSavedQueries | Docs | Grants permission to delete saved SQL queries through the Amazon Redshift console | |
| redshift:DeleteScheduledAction | Docs | Grants permission to delete an Amazon Redshift scheduled action | |
| redshift:DeleteSnapshotCopyGrant | Docs | Grants permission to delete a snapshot copy grant | |
| redshift:DeleteSnapshotSchedule | Docs | Grants permission to delete a snapshot schedule | |
| redshift:DeleteUsageLimit | Docs | Grants permission to delete a usage limit | |
| redshift:DisableLogging | Docs | Grants permission to disable logging information, such as queries and connection attempts, for a cluster | |
| redshift:DisableSnapshotCopy | Docs | Grants permission to disable the automatic copy of snapshots for a cluster | |
| redshift:DisassociateDataShareConsumer | Docs | Grants permission to disassociate a consumer from a datashare | |
| redshift:EnableLogging | Docs | Grants permission to enable logging information, such as queries and connection attempts, for a cluster | |
| redshift:EnableSnapshotCopy | Docs | Grants permission to enable the automatic copy of snapshots for a cluster | |
| redshift:ExecuteQuery | Docs | Grants permission to execute a query through the Amazon Redshift console | |
| redshift:FailoverPrimaryCompute | Docs | Grants permission to failover the primary compute of an Multi-AZ cluster to another AZ | |
| redshift:GetClusterCredentials | Docs | Grants permission to get temporary credentials to access an Amazon Redshift database by the specified AWS account | |
| redshift:GetClusterCredentialsWithIAM | Docs | Grants permission to get enhanced temporary credentials to access an Amazon Redshift database by the specified AWS account | |
| redshift:ModifyAquaConfiguration | Docs | Grants permission to modify the AQUA configuration of a cluster | |
| redshift:ModifyAuthenticationProfile | Docs | Grants permission to modify an existing Amazon Redshift authentication profile | |
| redshift:ModifyCluster | Docs | Grants permission to modify the settings of a cluster | |
| redshift:ModifyClusterDbRevision | Docs | Grants permission to modify the database revision of a cluster | |
| redshift:ModifyClusterMaintenance | Docs | Grants permission to modify the maintenance settings of a cluster | |
| redshift:ModifyClusterParameterGroup | Docs | Grants permission to modify the parameters of a parameter group | |
| redshift:ModifyClusterSnapshot | Docs | Grants permission to modify the settings of a snapshot | |
| redshift:ModifyClusterSnapshotSchedule | Docs | Grants permission to modify a snapshot schedule for a cluster | |
| redshift:ModifyClusterSubnetGroup | Docs | Grants permission to modify a cluster subnet group to include the specified list of VPC subnets | |
| redshift:ModifyCustomDomainAssociation | Docs | Grants permission to modify a custom domain name for a cluster | |
| redshift:ModifyEndpointAccess | Docs | Grants permission to modify a redshift-managed vpc endpoint | |
| redshift:ModifyEventSubscription | Docs | Grants permission to modify an existing Amazon Redshift event notification subscription | |
| redshift:ModifyRedshiftIdcApplication | Docs | Grants permission to modify a redshift idc application | |
| redshift:ModifySavedQuery | Docs | Grants permission to modify an existing saved query through the Amazon Redshift console | |
| redshift:ModifyScheduledAction | Docs | Grants permission to modify an existing Amazon Redshift scheduled action | |
| redshift:ModifySnapshotCopyRetentionPeriod | Docs | Grants permission to modify the number of days to retain snapshots in the destination AWS Region after they are copied from the source AWS Region | |
| redshift:ModifySnapshotSchedule | Docs | Grants permission to modify a snapshot schedule | |
| redshift:ModifyUsageLimit | Docs | Grants permission to modify a usage limit | |
| redshift:PauseCluster | Docs | Grants permission to pause a cluster | |
| redshift:PurchaseReservedNodeOffering | Docs | Grants permission to purchase a reserved node | |
| redshift:RebootCluster | Docs | Grants permission to reboot a cluster | |
| redshift:ResetClusterParameterGroup | Docs | Grants permission to set one or more parameters of a parameter group to their default values and set the source values of the parameters to "engine-default" | |
| redshift:ResizeCluster | Docs | Grants permission to change the size of a cluster | |
| redshift:RestoreFromClusterSnapshot | Docs | Grants permission to create a cluster from a snapshot | |
| redshift:RestoreTableFromClusterSnapshot | Docs | Grants permission to create a table from a table in an Amazon Redshift cluster snapshot | |
| redshift:ResumeCluster | Docs | Grants permission to resume a cluster | |
| redshift:RevokeClusterSecurityGroupIngress | Docs | Grants permission to revoke an ingress rule in an Amazon Redshift security group for a previously authorized IP range or Amazon EC2 security group | |
| redshift:RotateEncryptionKey | Docs | Grants permission to rotate an encryption key for a cluster | |
| redshift:UpdatePartnerStatus | Docs | Grants permission to update the status of a partner integration |
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysredshift:AllowWritesredshift:ConsumerArnredshift:ConsumerIdentifierredshift:DbNameredshift:DbUserredshift:DurationSecondsredshift:InboundIntegrationArn