Amazon Redshift

Database Developer Guide

Introduction
- Amazon Redshift architecture
  Data warehouse architecture
  Performance
  Columnar storage
  Workload management
  Using Amazon Redshift with other services
- Sample database
Best practices
Tutorials
Automatic table optimization
Loading data
Unloading data
User-defined functions
Creating stored procedures
- Stored procedure overview
  Naming stored procedures
  Security and privileges
  Returning a result set
  Managing transactions
  Trapping errors
  Logging stored procedures
  Limitations
- PL/pgSQL language reference
  PL/pgSQL reference conventions
  Structure of PL/pgSQL
  Supported PL/pgSQL statements
Materialized views
Data Catalog views
Querying spatial data
Querying data with federated queries
Amazon Redshift Spectrum
HyperLogLog sketches
Cross-database queries
Apache Iceberg compatibility
Data sharing
Semistructured data in Amazon Redshift
Machine learning
Query performance tuning
Workload management
Database security
SQL reference
System tables and views reference
Configuration reference
Document history

Amazon Redshift

Documentation
Amazon Redshift
Database Developer Guide

Granting object level permissions to consumer users and roles in Amazon Redshift

PDF

RSS

Focus mode

Granting object level permissions to consumer users and roles in Amazon Redshift - Amazon Redshift

Documentation Amazon Redshift Database Developer Guide

As a consumer administrator, you can grant permissions to consumer users and roles at the object level by completing the following steps.

SQL

If you created your database without WITH PERMISSIONS, you can only assign permissions on the entire database created from the datashare to your users and roles.


GRANT USAGE ON DATABASE sales_db TO Bob;


GRANT USAGE ON SCHEMA sales_schema TO ROLE Analyst_role;

You can also create late-binding views on top of shared objects and use these to assign granular permissions. You can also consider having producer clusters create additional datashares for you with the granularity required.

If you created your database with WITH PERMISSIONS, you must assign object-level permissions for objects in the shared database. A user with only the USAGE permission can’t access any objects in a database created with WITH PERMISSIONS until they’re granted additional object-level permissions..


GRANT SELECT ON sales_db.public.tickit_sales_redshift to Bob;

anchor

If you created your database without WITH PERMISSIONS, you can only assign permissions on the entire database created from the datashare to your users and roles.


GRANT USAGE ON DATABASE sales_db TO Bob;


GRANT USAGE ON SCHEMA sales_schema TO ROLE Analyst_role;


GRANT SELECT ON sales_db.public.tickit_sales_redshift to Bob;

For more information about granting permissions with multi-warehouse writes, see Managing permissions for a datashares in Amazon Redshift.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Creating a database from a datashare

Querying data in a datashare

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.

Next topic:

Querying data in a datashare

Previous topic:

Creating a database from a datashare

Need help?

Try AWS re:Post
Connect with an AWS IQ expert

Did this page help you?

Provide feedback

Privacy Site terms Cookie preferences

Select your cookie preferences

Customize cookie preferences

Essential

Performance

Functional

Advertising

Unable to save cookie preferences

Granting object level permissions to consumer users and roles in Amazon Redshift

Next topic:

Previous topic:

Need help?

Did this page help you?