Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo

Redshift - Grant users access to system tables

0

Hi,

As a superuser, I'm trying to grant a non-superuser access to system tables. I tried running the below but no results are returned when the user ran the select query. Am I missing anything else? Not able to find specific documentation on this.

ALTER USER user SYSLOG ACCESS UNRESTRICTED;
GRANT SELECT ON TABLE SVV_DATASHARE_OBJECTS TO user;

select * from SVV_DATASHARE_OBJECTS;
posta 3 anni fa1723 visualizzazioni
1 Risposta
0

Currently, only users who have the ALTER and SHARE privileges can see the shares that they have privileges for. Therefore, SVV_DATASHARE_OBJECTS result is empty for any user that doesn't have permission on datashare, even with permission SYSLOG ACCESS UNSRESTRICTED.

As superuser, you can grant SHARE on the datashare to the user in order for the user to access the views.

Example: grant share on datashare <datashare_name> to <user_name>;

Once this is granted, the user should be able to view the data in SVV_DATASHARE_OBJECTS only for the datashares where access is granted.

One other workaround is to copy the data from SVV_DATASHARE_OBJECTS to a user table and grant SELECT access on this user table to the user.

AWS
TECNICO DI SUPPORTO
con risposta 2 anni fa
  • Is there a way to do this for cross-account datashares? Im my case, I have a datashare from AWS Account 1(Producer) thats accessible on AWS Account 2(Consumer). Running the below on Account 2 returns an error about the datashare not existing;

    grant share on datashare <datashare_name> to <user_name>;

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande