Producer cluster administrator actions - Amazon Redshift
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Producer cluster administrator actions

If you are a producer cluster administrator or database owner – follow these steps:

  1. Create datashares in your cluster and add datashare objects to the datashares. For more detailed steps on how to create datashares and add datashare objects to datashares, see Sharing data within an Amazon Web Services account. For information about the CREATE DATASHARE and ALTER DATASHARE, see CREATE DATASHARE and ALTER DATASHARE.

    The following example adds different datashare objects to the datashare salesshare.

    -- Add schema to datashare ALTER DATASHARE salesshare ADD SCHEMA PUBLIC; -- Add table under schema to datashare ALTER DATASHARE salesshare ADD TABLE public.tickit_sales_redshift; -- Add view to datashare ALTER DATASHARE salesshare ADD TABLE public.sales_data_summary_view; -- Add all existing tables and views under schema to datashare (does not include future table) ALTER DATASHARE salesshare ADD ALL TABLES in schema public;

    You can also use the Amazon Redshift console to create or edit datashares. For more information, see Creating datashares and Editing datashares created in your account.

  2. Delegate permissions to operate on the datashare. For more information, see GRANT or REVOKE.

    The following example grants permissions to dbuser on salesshare.

    GRANT ALTER, SHARE ON DATASHARE salesshare TO dbuser;

    Cluster superusers and the owners of the datashare can grant or revoke modification permissions on the datashare to additional users.

  3. Add consumers to or remove consumers from datashares. The following example adds the Amazon Web Services account ID to salesshare. For more information, see GRANT or REVOKE.

    GRANT USAGE ON DATASHARE salesshare TO ACCOUNT '123456789012';

    You can only grant permissions to one data consumer in a GRANT statement.

    Cluster superusers and the owners of datashare objects, or users that have SHARE permissions on the datashare, can add consumers to or remove consumers from a datashare. To do so, they use GRANT USAGE or REVOKE USAGE.

    You can also use the Amazon Redshift console to add or remove data consumers for datashares. For more information, see Adding data consumers to datashares and Removing data consumers from datashares.

  4. (Optional) Revoke access to the datashare from Amazon Web Services accounts if you don't want to share the data with the consumers anymore.

    REVOKE USAGE ON DATASHARE salesshare FROM ACCOUNT '123456789012';

If you are a producer account administrator – follow these steps:

After granting usage to the Amazon Web Services account, the datashare status is pending_authorization. The producer account administrator should authorize datashares using the Amazon Redshift console and choose the data consumers.

Sign in to the https://console.amazonaws.cn/redshift/. Then choose which data consumers to authorize to access datashares or to remove authorization from. Authorized data consumers receive notifications to take actions on datashares. If you are adding a cluster namespace as a data consumer, you don't have to perform authorization. After data consumers are authorized, they can access datashare objects and create a consumer database to query the data. For more information, see Authorizing or removing authorization from datashares.