Preparation

To allow Shaped to connect to your Redshift data warehouse, you need to create a read-only user and share its credentials through the Create Model request. You can create this user with the following steps on your Redshift cluster:

# 1. Create a new user.
CREATE USER read_only_user WITH PASSWORD 'secure_password1!';

# 2. Create a group for granting/revoking permissions.
CREATE GROUP read_only_group;

# 3. Add user to group.
ALTER GROUP read_only_group ADD USER read_only_user;

# 4. Revoke default granted create rights in schema from group.
REVOKE CREATE ON SCHEMA public FROM GROUP read_only_group;

# 5. Grant the group usage access to the schema.
GRANT USAGE ON SCHEMA public TO group read_only_group;

# 6. Grant the group read access to all the tables in the schema. Note you can also 
# restrict this to your specific user, item and interaction views.
GRANT SELECT ON ALL TABLES IN SCHEMA public TO group read_only_group;

# 7. Grant the group access to future tables in the schema.
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO group read_only_group;

You’ll also need to create an associated IAM role for Shaped to access your Redshift cluster and staging location.

Connector Config Definition

Below are the fields required for the Redshift connector_config

"connector_configs": [{
    "type": "Redshift",
    "id": "redshift",
    "cluster_id": "cluster_name",
    "user": "cluster_username",
    "region": "cluster_region",
    "database": "cluster_database",
    "iam_role": "read_access_iam_role_arn",
    "s3_staging_location": "cluster_staging_s3_path"
}]
FieldExampleDescription
type“Redshift”Specifies the connector type, in this case “Redshift”.
id“redshift”Specifies the connector id, in this case “eedshift”.
cluster_id“my_cluster”Cluster name containing your user, item, and interaction tables.
useryour_userAccess account username.
region“us-east-2”Cluster region.
database“movielens”The name of the database containing your cluster.
iam_role"arn:aws:iam::XXXXXXXXXXXX:role/service-role/Redshift-AccessRole”The arn of the IAM role with read access to your cluster and staging location.
s3_staging_location“s3://path/to/staging/location”The s3 bucket for Redshift to stage data for reading.