IAM policy requirements for accessing clusters and namespaces registered to the Data Catalog - Amazon Redshift
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon Redshift will no longer support the creation of new Python UDFs starting Patch 198. Existing Python UDFs will continue to function until June 30, 2026. For more information, see the blog post .

IAM policy requirements for accessing clusters and namespaces registered to the Data Catalog

This topic describes the required IAM permissions for registering provisioned clusters and serverless namespaces to the Data Catalog and accessing them with Amazon Redshift.

After you register a provisioned cluster or serverless namespace to the Amazon Glue Data Catalog, you need the following permissions to discover the creation of and changes to the subsequently created catalog.

  • glue:GetCatalog

  • glue:GetCatalogs

  • lakeformation:GetDataAccess

These permissions are included in the service-linked role AmazonRedshiftServiceLinkedRolePolicy. For more information on this role, see Using service-linked roles for Amazon Redshift in the Amazon Redshift Management Guide.