In this article

Overview

Use this account type to connect Redshift Snaps with data sources that use Redshift Cross-Account IAM Role SSL Account. The Redshift Snaps support both Redshift Cluster and Redshift Serverless accounts.

Prerequisites

Access to the following folders:

Private project folder
Project Space’s shared folder
Global shared folder

Limitations

None.

Known Issues

None.

Account Settings

Parameter	Data Type	Description	Default Value	Example
Label*	String	Specify a unique label for the account.	N/A	Redshift_SSLCross_IAM_Account
JDBC Driver Class	String/Expression	Enter the JDBC Driver Class to use in your application.	com.amazon.redshift.jdbc42.Driver.	org.postgresql.Driver
JDBC JARs	Specify a list of JDBC jar files to be loaded. You can upload the Redshift driver(s) that can override the default `com.amazon.redshift.jdbc42.Driver`.
JDBC Driver	String/Expression	Select the JDBC driver to use. If you leave this field blank, the Default JDBC driver is used.	N/A	N/A
JDBC URL	String/Expression	Enter the URL of the JDBC database.	N/A	jdbc:redshift://hostname:port/database
Account properties*	Configure the information required to establish a database connection with the account.
Endpoint*	String/Expression	Enter the server's address to establish a connection.	N/A	fieldcluster.cvnsysusue7w2.us-east-1.redshift.amazonaws.com
Port number*	Numeric/Expression	Enter the database server's port to connect to the host.	5439	5439
Database name*	String/Expression	Enter the database name to connect.	N/A	weqter
Username	String/Expression	Enter the username to connect to the database. Username is used as the default username when retrieving connections. The username must be valid in order to set up the data source.	N/A	admin
Password	String/Expression	Enter the password to connect to the data source. Password is used as the default password when retrieving connections. The password must be valid in order to set up the data source.	N/A	N/A
S3 Bucket	String/Expression	Enter the external S3 Bucket name residing in an external AWS account, to use for staging data onto Redshift. This field is required when using Redshift Bulk Load, Redshift Bulk Upsert, Redshift S3 Upsert, and Redshift Unload Snaps.	N/A	sl-bucket-ca
S3 Folder	String/Expression	Enter the relative path to a folder in S3 Bucket. This is used as a root folder for staging data onto Redshift.	N/A	s3://sl-bucket/sfo
S3 Bucket Region	String/Expression	Enter the name of the region where the S3 bucket belongs. This field is required if the Redshift cluster and the S3 bucket are in the different regions.	N/A	us-east-2
S3 Bucket Write IAM Role ARN	String/Expression	Enter the IAM role to write to the S3 bucket which resides in an external AWS account. You need to have write and delete permissions in this role. This field is required when using Bulk load Snap (with input view data source), Bulk Upsert Snap, and Unload Snap.	N/A	arn:aws:iam::133198801419:role/IamRoleForCanary
External ID	String/Expression	Enter an optional external ID which is required by the role. This field is applicable only for streaming bulk load.	N/A	7609567
TrustStore	String/Expression	Enter the location of the trust store file. It can be located in SLDB or any other unauthenticated endpoint such as 'https://'. You can also browse for the location.	N/A	redshiftstore4
TrustStore Password	String/Expression	Enter the password for the truststore file.	N/A	12@^87
IAM properties (Redshift Cluster)	Specify the information for Redshift to communicate with IAM.
AWS account ID	String/Expression	Enter the ID of the Amazon Web Services account to be used for performing bulk load operation. This field is required when using Redshift Bulk Load, Redshift Bulk Upsert, Redshift S3 Upsert, and Redshift Unload Snaps.	N/A	763091233961
IAM role name	String/Expression	Enter the name of the IAM role associated with the target Redshift cluster to access the S3 bucket. redshift cluster to access the S3 bucket provided above. This field is required when using Redshift Bulk Load, Redshift Bulk Upsert, Redshift S3 Upsert, and Redshift Unload Snaps.	N/A	das-crossaccount-role1
S3 Bucket Read IAM Role	Specify the Cross-Account IAM properties information for Redshift to communicate with IAM.
IAM Role ARN	String/Expression	Enter the ARN of the IAM role set on the above S3 bucket. This field is required when using Redshift Bulk Load with input view data source, Redshift Bulk Upsert, Redshift S3 Upsert, and Redshift Unload Snaps.	N/A	arn:aws:iam::133198801419:role/cross-account-access-snap6776-das
Advanced properties	Specify advanced properties to support this account.
Auto commit	Checkbox	Select this check box to enable the Snap to commit offsets automatically as messages are consumed and sent to the output view. If the Snap fails, only the batch being executed at that moment is rolled back.	Selected	Deselected
Batch size*	Numeric/Expression	Required. Enter the number of statements to execute at a time. This field is required when using Redshift Bulk Load, Redshift Bulk Upsert, Redshift S3 Upsert, and Redshift Unload Snaps. User-defined types are not supported if a JDBC driver with a version other than 11.2.0.4.0 is set.	50	70
Fetch size*	Numeric/Expression	Required. Enter the number of rows to fetch at a time when executing a query. User-defined types are not supported if a JDBC driver with a version other than 11.2.0.4.0 is set.	100	56
Max pool size*	Numeric/Expression	Required. Enter the maximum number of connections that a pool maintains at a time. Redshift Bulk Load/Bulk Upsert/S3 Upsert Snap requires a minimum of two connections per Snap in a pipeline. For example, if a pipeline has a Redshift Bulk Load Snap and an S3 Upsert Snap, then the pool size must be greater than or equal to four for successful execution.	50	10
Max life time*	Numeric/Expression	Required. Enter the maximum lifetime of a connection in the pool. Ensure that the value you enter is a few seconds lesser than any database or infrastructure-imposed connection time limit. A value of 0 indicates an infinite lifetime, subject to the Idle Timeout value. An in-use connection is never retired. Connections are removed only after they are closed.	30	15
Idle Timeout*	Numeric/Expression	Required. Enter the maximum amount of time a connection that should remain idle in the pool. A value of 0 indicates that idle connections are never removed from the pool.	5	1
Checkout timeout	Numeric/Expression	Required. Enter the number of milliseconds to wait for a connection to be available when the pool is exhausted. If you provide 0, the Snap waits infinitely until the connection is available. Therefore, we recommend you not to specify 0 for Checkout Timeout.	1000	2000
URL Properties	Specify the URL properties associated to this account.
URL property name	Numeric/Expression	Enter the URL property name.	N/A	ssl
URL property value	Numeric/Expression	Enter the URL property value.	N/A	true

Account Encryption

Standard Encryption

If you are using Standard Encryption, the High sensitivity settings under Enhanced Encryption are followed.

Enhanced Encryption

If you have the Enhanced Account Encryption feature, the following describes which fields are encrypted for each sensitivity level selected per each account.

Account:

High: Password, S3 Access-key ID, S3 Secret key
Medium + High: Username, Password, S3 Access-key ID, S3 Secret key
Low + Medium + High: Endpoint, Database name, Username, Password, S3 Bucket, S3 Folder, S3 Access-key ID, S3 Secret key, URL property value

Troubleshooting

None.

Redshift Cross-Account IAM Role SSL Account

Overview

Prerequisites

Limitations

Known Issues

Account Settings

Account Encryption

Troubleshooting

Related Content