User guide
Example 3: Manage clusters
The following policy allows a user to create, delete, modify, and reboot all clusters, and then denies
permission to delete any clusters whose name starts with protected.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"redshift:CreateCluster",
"redshift:DeleteCluster",
"redshift:ModifyCluster",
"redshift:RebootCluster"
],
"Resource": [
"*"
],
"Effect": "Allow"
},
{
"Action": [
"redshift:DeleteCluster"
],
"Resource": [
"arn:aws:redshift:us-east-1:0123456789012:cluster:protected*"
],
"Effect": "Deny"
}
]
}
API Version 2012-12-01
123
Amazon Redshift Management Guide
Example Policies for Amazon Redshift