Redshift
Before you start
Please make sure you allow Narrator to connect to your warehouse:
Connection Options
Connecting Redshift
Narrator supports 2 options: Automated and Manual.
- Automated Setup (recommended): Connect your warehouse using an Admin Database User and Narrator will create a new user and grant itself access
- Manual Setup: You create a new user and you manage its access
Finding the Connection
Publicly Accessible set to "Enabled" if not connecting over SSH
Under Network and security settings, make sure your warehouse is publicly accessible if you're not using the SSH tunnel to connect! Even with the Allowlist IP addresses set up, if the warehouse is not publicly accessible over the open internet, Narrator will not be able to connect.
Log into your Redshift console
Navigate to Clusters
Click on the cluster you're connecting
Dont see your cluster, check the region in the top right
- Copy the
host
and paste it into Narrator
It copies the host, port and warehouse
ex: narrator-client.cohenxbed31d.us-east-1.redshift.amazonaws.com:5439/data_warehouse
- HOST: narrator-client.cohenxbcpk4g.us-east-1.redshift.amazonaws.com
- PORT: 5439
- WAREHOUSE: data_warehouse
Follow the Automated or Manual Setup then hit Test
Automated Setup
Simply connect your warehouse using an admin database user.
Then, Narrator will automatically...
- Create a normal user for Narrator
- Create a group called
narrator
- Add the new narrator user to the group
narrator
- Grant create access to all the new narrator user to create schemas and tables
- Alter the default privileges to make sure any table created by narrator grants access to the entire group
- Go through each schema in your warehouse and grant the narrator user
USAGE
on the schema andSELECT
on every table.
You can do all this yourself by going through the manual setup
Manual Setup
Run the SQL below to create a user, substituting your own password
CREATE USER narrator_user password 'insert_generated_password'
Create a group and add narrator_user
to the group, This allows WLM and permissions to be managed easier. You can do this by running the SQL below.
CREATE GROUP narrator;
ALTER GROUP narrator add user narrator_user;
Grant create access. This allows Narrator to create schemas and tables.
-- grant access to create on their database
GRANT CREATE ON DATABASE INSERT_WAREHOUSE_NAME_HERE TO narrator_user;
(Optional) Give yourself and any group access to anything Narrator creates. This is recommended.
-- Alter the default group access
ALTER DEFAULT PRIVILEGES for user narrator_user GRANT SELECT ON tables to group narrator, group INSERT_COMMON_GROUPS_HERE
Common groups are your analyst group or BI group
Get all the schema grant queries
select
'GRANT USAGE on schema ' || nspname || ' to group narrator; GRANT SELECT ON ALL TABLES in schema ' || nspname || ' to group narrator;' as query
from pg_namespace
where nspname not ilike 'pg_%'
order by nspname asc
Run the Grant statements from the above query for all the schemas you want Narrator to be able to read from.
GRANT USAGE on schema INSERT_SCHEMA_NAME_HERE to group narrator;
GRANT SELECT ON ALL TABLES in schema INSERT_SCHEMA_NAME_HERE to group narrator;
Connect your warehouse using the user and password that you just created.
Need Help?
Our data team is here to help! Here are a couple ways to get in touch...
š¬ Chat us from within Narrator
š Email us at [email protected]
Updated over 2 years ago