IAM policy requirements for accessing clusters and namespaces registered to the Data Catalog - Amazon Redshift

This topic describes the required IAM permissions for registering provisioned clusters and serverless namespaces to the Data Catalog and accessing them with Amazon Redshift.

After you register a provisioned cluster or serverless namespace to the AWS Glue Data Catalog, you need the following permissions to discover the catalog that is subsequently created and any later changes to it.

  • glue:GetCatalog

  • glue:GetCatalogs

  • lakeformation:GetDataAccess

These permissions are included in the service-linked role AmazonRedshiftServiceLinkedRolePolicy. For more information on this role, see Using service-linked roles for Amazon Redshift in the Amazon Redshift Management Guide.
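The following added example (not part of the AWS documentation) checks whether an IAM policy document grants the three actions listed above, for cases where a policy other than AmazonRedshiftServiceLinkedRolePolicy is being reviewed. The function name, the sample policies, and the simplified evaluation model (only `Effect` and `Action` are considered) are assumptions made for illustration.

```python
import fnmatch

# The three actions this page lists as required after registration.
REQUIRED_ACTIONS = ("glue:GetCatalog", "glue:GetCatalogs", "lakeformation:GetDataAccess")


def _as_list(value):
    """IAM allows a single string/object where a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _matches(patterns, action):
    # IAM action names are case-insensitive; '*' and '?' act as wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)


def missing_actions(policy, required=REQUIRED_ACTIONS):
    """Return the required actions the policy does not effectively allow.

    Simplified model (assumption): Resource, Condition, NotAction, permission
    boundaries and SCPs are ignored, and any Deny is treated as unconditional.
    """
    allowed, denied = set(), set()
    for stmt in _as_list(policy.get("Statement")):
        patterns = _as_list(stmt.get("Action"))
        for action in required:
            if not _matches(patterns, action):
                continue
            if stmt.get("Effect") == "Allow":
                allowed.add(action)
            elif stmt.get("Effect") == "Deny":
                denied.add(action)  # an explicit Deny overrides any Allow
    return [a for a in required if a not in allowed or a in denied]


# Constructed sample policies, for illustration only.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["glue:Get*", "redshift:DescribeClusters"], "Resource": "*"},
    {"Effect": "Deny", "Action": "glue:GetCatalogs", "Resource": "*"},
]}
COMPLETE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": list(REQUIRED_ACTIONS), "Resource": "*"},
]}

if __name__ == "__main__":
    print("missing from sample policy:", missing_actions(SAMPLE_POLICY))
    print("missing from complete policy:", missing_actions(COMPLETE_POLICY))
```

In the sample policy, the `glue:Get*` wildcard covers `glue:GetCatalog`, the explicit Deny removes `glue:GetCatalogs`, and `lakeformation:GetDataAccess` is never allowed, so two of the three actions are reported as missing.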