Connecting with an authentication profile
After you create an authentication profile, you can include the profile name as a
connection option for JDBC version 2.0 AuthProfile
. Using this
connection option retrieves the stored settings.
jdbc:redshift:iam://endpoint:port/database?AuthProfile=<Profile-Name>&AccessKeyID=<Caller-Access-Key>&SecretAccessKey=<Caller-Secret-Key>
The following is an example JDBC URL string.
jdbc:redshift:iam://examplecluster:us-west-2/dev?AuthProfile="ExampleProfile"&AccessKeyID="AKIAIOSFODNN7EXAMPLE"&SecretAccessKey="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
Specify both the AccessKeyID
and SecretAccessKey
in the
JDBC URL, along with the authentication profile name.
You can also separate the configuration options with semicolon delimiters, such as in the following example, which includes options for logging.
jdbc:redshift:iam://my_redshift_end_point:5439/dev?LogLevel=6;LogPath=/tmp;AuthProfile=my_profile;AccessKeyID="AKIAIOSFODNN7EXAMPLE";SecretAccessKey="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
Note
Don't add confidential information to the authentication profile. For
example, don't store an AccessKeyID
or
SecretAccessKey
value in an authentication profile. The
authentication profile store has rules to prohibit storage of secret keys. You
get an error if you try to store a key and value associated with sensitive
information.