Redshift

Suggest Edits

Before you start

Please make sure you allow Narrator to connect to your warehouse:
Connection Options


Connecting Redshift

Narrator supports 2 options: Automated and Manual.

  • Automated Setup (recommended): Connect your warehouse using an Admin Database User and Narrator will create a new user and grant itself access
  • Manual Setup: You create a new user and you manage its access

Finding the Connection

🚧

Publicly Accessible set to "Enabled" if not connecting over SSH

Under Network and security settings, make sure your warehouse is publicly accessible if you're not using the SSH tunnel to connect! Even with the Allowlist IP addresses set up, if the warehouse is not publicly accessible over the open internet, Narrator will not be able to connect.

Log into your Redshift console

Navigate to Clusters


Click on the cluster you're connecting

Dont see your cluster, check the region in the top right


  1. Copy the host and paste it into Narrator

It copies the host, port and warehouse


ex: narrator-client.cohenxbed31d.us-east-1.redshift.amazonaws.com:5439/data_warehouse

  • HOST: narrator-client.cohenxbcpk4g.us-east-1.redshift.amazonaws.com
  • PORT: 5439
  • WAREHOUSE: data_warehouse



Follow the Automated or Manual Setup then hit Test



Automated Setup

Simply connect your warehouse using an admin database user.


Then, Narrator will automatically...

  • Create a normal user for Narrator
  • Create a group called narrator
  • Add the new narrator user to the group narrator
  • Grant create access to all the new narrator user to create schemas and tables
  • Alter the default privileges to make sure any table created by narrator grants access to the entire group
  • Go through each schema in your warehouse and grant the narrator user USAGE on the schema and SELECT on every table.

You can do all this yourself by going through the manual setup





Manual Setup

Run the SQL below to create a user, substituting your own password

CREATE USER narrator_user password 'insert_generated_password'

Create a group and add narrator_user to the group, This allows WLM and permissions to be managed easier. You can do this by running the SQL below.

CREATE GROUP narrator;
ALTER GROUP narrator add user narrator_user;

Grant create access. This allows Narrator to create schemas and tables.

-- grant access to create on their database
GRANT CREATE ON DATABASE INSERT_WAREHOUSE_NAME_HERE TO narrator_user;

(Optional) Give yourself and any group access to anything Narrator creates. This is recommended.

-- Alter the default group access 
ALTER DEFAULT PRIVILEGES for user narrator_user GRANT SELECT ON tables to group narrator, group INSERT_COMMON_GROUPS_HERE

Common groups are your analyst group or BI group


Get all the schema grant queries

select 
   'GRANT USAGE on schema ' || nspname || ' to group narrator; GRANT SELECT ON ALL TABLES in schema ' || nspname || ' to group narrator;' as query
from pg_namespace
where nspname not ilike 'pg_%'
order by nspname asc

Run the Grant statements from the above query for all the schemas you want Narrator to be able to read from.

GRANT USAGE on schema INSERT_SCHEMA_NAME_HERE to group narrator; 
GRANT SELECT ON ALL TABLES in schema INSERT_SCHEMA_NAME_HERE to group narrator;

Connect your warehouse using the user and password that you just created.




Need Help?

Our data team is here to help! Here are a couple ways to get in touch...

πŸ’¬ Chat us from within Narrator

πŸ’Œ Email us at [email protected]

πŸ—“ Or schedule a 30-min meeting with our data team

Updated over 1 year ago

What’s Next

Create your First Transformation with this Tutorial