Posted On: Nov 18, 2021
HAQM Redshift now simplifies the use of other services such as HAQM S3, HAQM SageMaker, AWS Lambda, HAQM Aurora, and AWS Glue by allowing customers to create an IAM role from the Redshift console and assigning it as the default IAM role while creating an HAQM Redshift cluster. The default IAM role helps simplify SQL operations such as COPY, UNLOAD, CREATE, EXTERNAL FUNCTION, CREATE EXTERNAL TABLE, CREATE EXTERNAL SCHEMA, CREATE MODEL, or CREATE LIBRARY that accesses other AWS services by eliminating the need to specify the HAQM Resource Name (ARN) for the IAM role .
HAQM Redshift now provides a new managed IAM policy HAQMRedshiftAllCommandsFullAccess policy that has required privileges to use other related services such as S3, SageMaker, Lambda, Aurora, and Glue. This policy is used for creating the default IAM role with HAQM Redshift console. The end users can use the default IAM role with COPY, UNLOAD, CREATE, EXTERNAL FUNCTION, CREATE EXTERNAL TABLE, CREATE EXTERNAL SCHEMA, CREATE MODEL, or CREATE LIBRARY commands by specifying IAM_ROLE with DEFAULT keyword without having to specify ARN for the IAM role.
This feature is now available in all AWS commercial regions except eu-south-1, af-south-1, and ap-northeast-3. You can find more information about the IAM role from the Redshift cluster management guide.