By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Redshift - Grant users access to system tables

0

Hi,

As a superuser, I'm trying to grant a non-superuser access to system tables. I tried running the below but no results are returned when the user ran the select query. Am I missing anything else? Not able to find specific documentation on this.

ALTER USER user SYSLOG ACCESS UNRESTRICTED;
GRANT SELECT ON TABLE SVV_DATASHARE_OBJECTS TO user;

select * from SVV_DATASHARE_OBJECTS;
Topics
Analytics
Tags
Amazon Redshift
Language
English
AWS-User-8809738
asked 2 years ago1157 views
1 Answer
0

Currently, only users who have the ALTER and SHARE privileges can see the shares that they have privileges for. Therefore, SVV_DATASHARE_OBJECTS result is empty for any user that doesn't have permission on datashare, even with permission SYSLOG ACCESS UNSRESTRICTED.

As superuser, you can grant SHARE on the datashare to the user in order for the user to access the views.

Example: grant share on datashare <datashare_name> to <user_name>;

Once this is granted, the user should be able to view the data in SVV_DATASHARE_OBJECTS only for the datashares where access is granted.

One other workaround is to copy the data from SVV_DATASHARE_OBJECTS to a user table and grant SELECT access on this user table to the user.

AWS
SUPPORT ENGINEER
AWS-User-4315904
answered 2 years ago
  • AWS-User-8809738
    2 years ago

    Is there a way to do this for cross-account datashares? Im my case, I have a datashare from AWS Account 1(Producer) thats accessible on AWS Account 2(Consumer). Running the below on Account 2 returns an error about the datashare not existing;

    grant share on datashare <datashare_name> to <user_name>;

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content