Creating an authentication profile
Using the AWS CLI, you create an authentication profile with the
create-authentication-profile
command. This assumes that you have
an existing Amazon Redshift cluster and an existing database. Your credentials must have
permission to connect to the Amazon Redshift database and rights to fetch the authentication
profile. You provide the configuration options as a JSON string, or reference a file
containing your JSON string.
create-authentication-profile --authentication-profile-name<value: String> --authentication-profile-content<value: String>
The following example creates a profile called ExampleProfileName
.
Here, you can add keys and values that define your cluster name and other option
settings, as a JSON string.
create-authentication-profile --authentication-profile-name "ExampleProfileName" --authentication-profile-content "{\"AllowDBUserOverride\":\"1\",\"Client_ID\":\"ExampleClientID\",\"App_ID\":\"ExampleAppID\",\"AutoCreate\":false,\"enableFetchRingBuffer\":true,\"databaseMetadataCurrentDbOnly\":true}" }
This command creates the profile with the specified JSON settings. The following is returned, which indicates that the profile is created.
{"
AuthenticationProfileName
":
"ExampleProfileName
",
"AuthenticationProfileContent"
:
"{\"AllowDBUserOverride
\":\"1\",\"Client_ID
\":\"ExampleClientID
\",\"App_ID
\":\"ExampleAppID
\",\"AutoCreate
\":false,\"enableFetchRingBuffer
\":true,\"databaseMetadataCurrentDbOnly
\":true}"
}
Limitations and quotas for creating an authentication profile
Each customer has a quota of ten (10) authentication profiles.
Certain errors can occur with authentication profiles. Examples are if you create a new profile with an existing name, or if you exceed your profile quota. For more information, see CreateAuthenticationProfile.
You can't store certain option keys and values for JDBC, ODBC, and Python connection strings in the authentication profile store:
-
AccessKeyID
-
access_key_id
-
SecretAccessKey
-
secret_access_key_id
-
PWD
-
Password
-
password
You can't store the key or value AuthProfile
in the profile
store, for JDBC or ODBC connection strings. For Python connections, you can’t
store auth_profile
.
Authentication profiles are stored in Amazon DynamoDB and managed by AWS.