Redshift

IP RESTRICTIONS

Make sure to allow traffic from one of the Paradime IPs in your firewall depending on the data location selected.

👉 See also: Paradime IP addresses.

We advise creating a new Redshift user and grant the suggested access required to create tables and views in your Production database.

Create a Redshift user

In Redshift, you can run the below script to create a new user and grant access to your database/schema. Make sure you run these commands as an Account Admin.

Suggested permissions

This set of permissions will enable Paradime to read from and create tables and views when running production jobs in you Redshift database.

-- create group
create group transformer;

-- create user and assign to group
create user paradime_prod_user
    password '<generate_password>'
    in group transformer;

-- grant privileges to the user group
grant select on all tables in schema information_schema to group transformer;
grant select on all tables in schema pg_catalog to group transformer;

-- for each schema:
grant usage on schema <schema_name> to group transformer;
grant select on all tables in schema <schema_name> to group transformer;

-- grant privileges to user group to create in database
grant create on database <your_database> to group transformer;

Maintain privileges

In Redshift after each dbt™️ run in production you need to make sure to grants the correct privileges as Redshift doesn't not support grant on future schemas.

The paradime_prod_user user should be able to read new schemas created in your production runs.

Check this guide on using grants and hooks.

Add Scheduler Connection

To add the Redshift Scheduler connection, go to account settings > connections, select Scheduler Environment and enter the required fields.

Fields Details

Below are list of fields and example to create a connection.

Field
Description
Example

Profile Name

The profile name set in your dbt_project.yaml . See more here.

dbt-redshift

Target

The target name used to identify the connection. See more here.

prod

Host Name

The hostname of the Redshift database to connect to.

xxx.eu-west-2.amazonaws.com

Port

Usually 5439 for Redshift.

5439

Database

The name of your Redshift production database.

analytics

Username

The username created with access to the production database.

prod_user

Password

The password set for the user created in Redshift.

password_xyz

Schema

The default schema used to build dbt™️ objects at runtime.

dbt_prod

Threads

The number of threads used in this connection. See more here.

8

Last updated