En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation

Redshift - Grant users access to system tables

0

Hi,

As a superuser, I'm trying to grant a non-superuser access to system tables. I tried running the below but no results are returned when the user ran the select query. Am I missing anything else? Not able to find specific documentation on this.

ALTER USER user SYSLOG ACCESS UNRESTRICTED;
GRANT SELECT ON TABLE SVV_DATASHARE_OBJECTS TO user;

select * from SVV_DATASHARE_OBJECTS;
demandé il y a 2 ans1,7 k vues
1 réponse
0

Currently, only users who have the ALTER and SHARE privileges can see the shares that they have privileges for. Therefore, SVV_DATASHARE_OBJECTS result is empty for any user that doesn't have permission on datashare, even with permission SYSLOG ACCESS UNSRESTRICTED.

As superuser, you can grant SHARE on the datashare to the user in order for the user to access the views.

Example: grant share on datashare <datashare_name> to <user_name>;

Once this is granted, the user should be able to view the data in SVV_DATASHARE_OBJECTS only for the datashares where access is granted.

One other workaround is to copy the data from SVV_DATASHARE_OBJECTS to a user table and grant SELECT access on this user table to the user.

AWS
INGÉNIEUR EN ASSISTANCE TECHNIQUE
répondu il y a 2 ans
  • Is there a way to do this for cross-account datashares? Im my case, I have a datashare from AWS Account 1(Producer) thats accessible on AWS Account 2(Consumer). Running the below on Account 2 returns an error about the datashare not existing;

    grant share on datashare <datashare_name> to <user_name>;

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions