Why can't I connect to the AmazonRedshiftQueryEditor in Amazon Redshift?

2 minute read
1

I'm trying to connect to the Amazon Redshift Query Editor, but I'm getting "User not authorized" and "Access denied" errors.

Resolution

Find your Amazon Redshift cluster to connect to the query editor

Important: Be sure you're logged in to the same AWS Region where your Amazon Redshift cluster is present.

Both query editor v1 and query editor v2 support connecting to the following provisioned Redshift cluster types:

  • DC2.large
  • DC2.8xlarge
  • DS2.xlarge
  • DS2.8xlarge
  • RA3.xplus
  • RA3.4xlarge
  • RA3.16xlarge

Note: You can't query data in Amazon Redshift Serverless using the query editor v1. You must use Amazon Redshift query editor v2 instead.

Getting a "User not authorized" or "Access denied" error when connecting to the query editor with Amazon Redshift

You must have the correct permissions to access the query editor. To turn on access for query editor v1 or v2, do the following:

For query editor v1

To turn on access, attach the AmazonRedshiftQueryEditor and AmazonRedshiftReadOnlyAccess policies for AWS Identity and Access Management (IAM) to the user that accesses your Redshift cluster.

AmazonRedshiftQueryEditor is an AWS managed policy that allows the redshift:GetClusterCredentials action. By default, the redshift:GetClusterCredentials action provides a superuser access to the database.

For more information about how to provide a superuser access from the console, see Enabling access to the query editor.

For query editor v2

To turn on access, attach the AmazonRedshiftReadOnlyAccess policy and one of the following IAM policies to the user that accesses your Redshift cluster:

  • AmazonRedshiftQueryEditorV2FullAccess
  • AmazonRedshiftQueryEditorV2NoSharing
  • AmazonRedshiftQueryEditorV2ReadSharing
  • AmazonRedshiftQueryEditorV2ReadWriteSharing

For more information, see Accessing the query editor v2.

To access the query editor v2 as a federated user, see Setting up principal tags to connect to query editor v2 as a federated user.


AWS OFFICIAL
AWS OFFICIALUpdated a year ago