Amazon Redshift
Database Developer Guide (API Version 2012-12-01)

Step 1. Create an IAM Role for Amazon Redshift

Your cluster needs authorization to access your external data catalog in Amazon Athena and your data files in Amazon S3. You provide that authorization by referencing an AWS Identity and Access Management (IAM) role that is attached to your cluster. For more information about using roles with Amazon Redshift, see Authorizing COPY and UNLOAD Operations Using IAM Roles.

To create an IAM role for Amazon Redshift

  1. Open the IAM Console.

  2. In the navigation pane, choose Roles.

  3. Choose Create New Role.

  4. Choose AWS Service Role, and then scroll to Amazon Redshift. Choose Select.

  5. The Attach Policy page appears. Choose AmazonS3ReadOnlyAccess and AmazonAthenaFullAccess. Choose Next Step.

  6. For Role Name, type a name for your role, for example mySpectrumRole.

  7. Review the information, and then choose Create Role.

  8. Copy the Role ARN to your clipboard—this value is the Amazon Resource Name (ARN) for the role that you just created. You use that value when you create external tables to reference your data files on Amazon S3.