Redshift serverless External Schema access

Question

I created an external schema (for glue data catalog and subsequent s3 data) in Redshift Serverless using query editor v2.
For the IAM role I used 'SESSION' to make sure that all the users that are accessing the schema tables will need to provide individual IAM session tokens and do through the Lake Formation for each user/role.

```
CREATE external SCHEMA glue_catalog_2
FROM data catalog DATABASE 'my_database'
IAM_ROLE 'SESSION'
CATALOG_ID 'my_acc_id'
```
I can access the schema from my python code however I can't see tables in it using RS query editor v2. When I am trying to grant the access to this schema for my AWS Console role

```
GRANT ALL ON external SCHEMA glue_catalog_2 to iam_role 'my-role-arn';
```
I get the error 'ERROR: No session credential found'

**Questions**
1. Is it possible to achieve behavior described above and see that schema in RS query editor?
2. When the external schema is using the SESSION access type, is it possible to create materialized view using data in that schema and how will access to it be controlled for other users

Answer

Make sure you are logging on to database in QEv2 using Federated user for authentication. If still you cannot see the objects then try `grant usage on  to "IAMR:";`

Once a materialized view is created then it becomes a local object in Redshift and the data is now stored in Redshift. You can control access to it as if its a table using standard GRANT statements.

Redshift serverless External Schema access

相关内容