Amazon Redshift API permissions reference

When you set up Access control, you write permission policies that you can attach to an IAM identity (identity-based policies). For detailed reference information, see the following topics in the Service Authorization Reference:

Actions, resources, and condition keys for Amazon Redshift that use the redshift: prefix.
Actions, resources, and condition keys for Amazon Redshift Serverless that use the redshift-serverless: prefix.
Actions, resources, and condition keys for Amazon Redshift Data API that use the redshift-data: prefix.
Actions, resources, and condition keys for AWS SQL Workbench (Amazon Redshift query editor v2) that use the sqlworkbench: prefix.

The query editor v2 includes permission-only actions that don't directly correspond to an API operation. These actions are indicated in the Service Authorization Reference with [permission only].

The Service Authorization Reference contains information about which API operations can be used in an IAM policy. It also includes the AWS resource for which you can grant the permissions, and condition keys that you can include for fine-grained access control. For more information about conditions, see Using IAM policy conditions for fine-grained access control.

You specify the actions in the policy's Action field, the resource value in the policy's Resource field, and conditions in the policy's Condition field. To specify an action for Amazon Redshift, use the redshift: prefix followed by the API operation name (for example, redshift:CreateCluster).

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Native identity provider (IdP) federation for Amazon Redshift

Using service-linked roles