producer administrator actions
With Amazon Redshift, you can perform administrative tasks on producer clusters to manage data ingestion and load processing.
If you are a producer administrator or database owner – follow these steps:
-
Create datashares in your cluster and add datashare objects to the datashares. For more detailed steps on how to create datashares and add datashare objects to datashares, see Sharing read access to data within an Amazon Web Services account. For information about the CREATE DATASHARE and ALTER DATASHARE, see CREATE DATASHARE and ALTER DATASHARE.
The following example adds different datashare objects to the datashare
salesshare
.-- Add schema to datashare ALTER DATASHARE salesshare ADD SCHEMA PUBLIC; -- Add table under schema to datashare ALTER DATASHARE salesshare ADD TABLE public.tickit_sales_redshift; -- Add view to datashare ALTER DATASHARE salesshare ADD TABLE public.sales_data_summary_view; -- Add all existing tables and views under schema to datashare (does not include future table) ALTER DATASHARE salesshare ADD ALL TABLES in schema public;
You can also use the Amazon Redshift console to create or edit datashares. For more information, see Create a datashare and Editing datashares created in your account.
-
Delegate permissions to operate on the datashare. For more information, see GRANT or REVOKE.
The following example grants permissions to
dbuser
onsalesshare
.GRANT ALTER, SHARE ON DATASHARE salesshare TO dbuser;
Cluster superusers and the owners of the datashare can grant or revoke modification permissions on the datashare to additional users.
-
Add consumers to or remove consumers from datashares. The following example adds the Amazon Web Services account ID to
salesshare
. For more information, see GRANT or REVOKE.GRANT USAGE ON DATASHARE salesshare TO ACCOUNT '123456789012';
You can only grant permissions to one data consumer in a GRANT statement.
Cluster superusers and the owners of datashare objects, or users that have SHARE permissions on the datashare, can add consumers to or remove consumers from a datashare. To do so, they use GRANT USAGE or REVOKE USAGE.
You can also use the Amazon Redshift console to add or remove data consumers for datashares. For more information, see Add data consumers to datashares and Removing data consumers from datashares.
-
(Optional) Revoke access to the datashare from Amazon Web Services accounts if you don't want to share the data with the consumers anymore.
REVOKE USAGE ON DATASHARE salesshare FROM ACCOUNT '123456789012';
If you are a producer account administrator – follow these steps:
After granting usage to the Amazon Web Services account, the datashare status is
pending_authorization
. The producer account administrator should
authorize datashares using the Amazon Redshift console and choose the data consumers.
Sign in to the https://console.amazonaws.cn/redshiftv2/
Sharing write permissions to data across accounts
With Amazon Redshift, you can share data across Amazon accounts and grant write permissions, enabling collaboration and data sharing between teams or organizations. Cross-account data sharing allows you to establish a data provider account that creates and manages databases, schemas, and tables, which can then be securely shared with data consumer accounts. The following sections demonstrate the process of configuring cross-account data sharing and granting write access in Amazon Redshift.