User guide

ManualsBrandsAmazon ManualsComputer equipmentRedshift

121

122

123

124

125

126

127

128

129

130

To create the Administrators group

1. Sign in to the AWS Management Console and open the IAM console at https://

console.aws.amazon.com/iam/.

2. In the navigation pane, click Groups, then click Create New Group.

3. In the Group Name box, type Administrators and then click Next Step.

4. In the list of policies, select the check box next to the AdministratorAccess policy.You can use the

Filter menu and the Search box to filter the list of policies.

5. Click Next Step, then click Create Group.

Your new group is listed under Group Name.

To create an IAM user for yourself, add the user to the Administrators group, and create

a password for the user

1. In the navigation pane, click Users and then click Create New Users.

2. In box 1, enter a user name. Clear the check box next to Generate an access key for each user,

then click Create.

3. In the list of users, click the name (not the check box) of the user you just created.You can use the

Search box to search for the user name.

4. In the Groups section, click Add User to Groups.

5. Select the check box next to the Administrators group, then click Add to Groups.

6. Scroll down to the Security Credentials section. Under Sign-In Credentials, click Manage Password.

7. Select Assign a custom password, then enter a password in the Password and Confirm Password

boxes. When you are finished, click Apply.

IAM Policy Elements for Amazon Redshift

You create IAM policies to specify which Amazon Redshift actions and resources each IAM user or group

has permission to perform. A policy is a JSON document that contains one or more statements; each

statement contains elements defining the permissions authorized by the statement.

Within an IAM policy statement, Amazon Redshift supports the following IAM policy elements:

• Action, which specifies the action to which the policy applies.

• Effect, which specifies whether the action is allowed or denied.

• Resource, which specifies the resource or resources to which the policy applies.

For more information about IAM policy elements, go to IAM Policy Elements Reference in Using IAM.

The following example shows a policy that allows a user or group to create snapshots from any cluster

whose name starts with my-cluster.

{

"Version": "2012-10-17",

"Statement": [

{

"Action": [

"redshift:CreateClusterSnapshot"

"Effect": "Allow",

API Version 2012-12-01

117

Amazon Redshift Management Guide

IAM Policy Elements for Amazon Redshift