Using IDP (AAD) to login to Redshift Query Editor v2

0

Hello,

Here is my current situation where I need some help ;)

  • I created user groups in Azure Active Directory and added users to it
  • I connected AAD with AWS
  • I have a redshift database with tables and granted certain rights to the groups (the ones in AAD)
  • I connect to Power BI using my Office 365 account and can connect flawless to the data in Redshift

But I want the same functionality when logging on to the Redshift Query editor v2. Since I am already logged into the AWS environment, using IDP settings I was hoping/expecting that with these credentials I automatically could connect to the Redshift database with access to the data that was assigned to the group(s) I am member of.

What is the best way to configure it like this, so far I didn't find a solution that worked for me.

Looking forward to the answers.

René

2 réponses
0

Thank you ver my much, I will have a look into this!

Rene
répondu il y a 5 mois
0

This demo in re:Invent2023 session: "AWS re:Invent 2023 - Simplify and improve access control for your AWS analytics services (SEC245)" shows a solution using the newly released feature called Trusted Identity Propagation.

(that demo uses Okta instead of AAD but it should work the same way)

The following link takes you to the time at 31:16: https://youtu.be/Iwr0JihOevs?t=1876, which shows the authentication using the Identity Center single sign on session from Okta.

Also refer to this blog for technical details of the solution: https://aws.amazon.com/blogs/big-data/integrate-okta-with-amazon-redshift-query-editor-v2-using-aws-iam-identity-center-for-seamless-single-sign-on/

AWS
répondu il y a 5 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions