This document highlights special considerations when using Amazon Redshift in your team development AWS accounts.
Review Note: This is a draft document.
If you plan to use the Redshift Immersion Labs, section 1. Creating a Cluster, won’t be completely aligned with your permissions available in your development AWS account.
For example, since the AWS CloudFormation template provided in the labs attempts to create a VPC and you don’t have those permissions in your development AWS account, the template will not work in your environment. Instead, you can either follow the directions in the lab to use the AWS Management Console to create the dependencies and the cluster or, if you’re more adventurous, you could modify the CloudFormation template to exclude creation of the VPC and make other adjustments.
VPC
service.Subnets
.Create security group
.Name
column.Inbound Rules
.Edit rules
.Redshift
service.Config
and Subnet groups
.IAM
service.Roles
.Create role
.Redshift
.Redshift - Customizable
.Next: Permissions
.AmazonS3ReadOnlyAccess
and AWSGlueConsoleFullAccess
policies to the role.Set permissions boundary
.Use a permissions boundary...
.Next: Tags
and Next: Review
.Clusters
and Create cluster
.Cluster permissions
, select the IAM service role that you just created.