Adding a query monitoring policy - Amazon Redshift
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Adding a query monitoring policy

A superuser can provide access to users who aren't superusers so that they can perform query monitoring for all users. First, you add a policy for a user or a role to provide query monitoring access. Then, you grant query monitoring permission to the user or role.

To add the query monitoring policy
  1. Choose https://console.amazonaws.cn/iam/.

  2. Under Access management, choose Policies.

  3. Choose Create Policy.

  4. Choose JSON and paste the following policy definition.

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "redshift-data:ExecuteStatement", "redshift-data:DescribeStatement", "redshift-data:GetStatementResult", "redshift-data:ListDatabases" ], "Resource": "*" }, { "Effect": "Allow", "Action": "redshift-serverless:GetCredentials", "Resource": "*" } ] }
  5. Choose Review policy.

  6. For Name, enter a name for the policy, such as query-monitoring.

  7. Choose Create policy.

After you create the policy, you can grant the appropriate permissions.

To provide access, add permissions to your users, groups, or roles: