166 actions in the redshift service. Select an action to see its access level, resource ARNs, condition keys, and a copy-paste IAM policy.
Grants permission to exchange a DC1 reserved node for a DC2 reserved node with no changes to the configuration
Grants permission to add a partner integration to a cluster
Grants permission to associate a consumer to a datashare
Grants permission to add an inbound (ingress) rule to an Amazon Redshift security group
Grants permission to authorize the specified datashare consumer to consume a datashare
Grants permission to authorize endpoint related activities for redshift-managed vpc endpoint
Grants permission to Amazon Redshift to continuously validate that the target namespace can receive data replicated from the source ARN
Grants permission to the specified AWS account to restore a snapshot
Grants permission to delete snapshots in a batch of size upto 100
Grants permission to modify settings for a list of snapshots
Grants permission to cancel a query through the Amazon Redshift console
Grants permission to see queries in the Amazon Redshift console
Grants permission to cancel a resize operation
Grants permission to copy a cluster snapshot
Grants permission to create an Amazon Redshift authentication profile
Grants permission to create a cluster
Grants permission to create an Amazon Redshift parameter group
Grants permission to create an Amazon Redshift security group
Grants permission to create a manual snapshot of the specified cluster
Grants permission to create an Amazon Redshift subnet group
Grants permission to automatically create the specified Amazon Redshift user if it does not exist
Grants permission to create a custom domain name for a cluster
Grants permission to create a redshift-managed vpc endpoint
Grants permission to create an Amazon Redshift event notification subscription
Grants permission to create an HSM client certificate that a cluster uses to connect to an HSM
Grants permission to create an HSM configuration that contains information required by a cluster to store and use database encryption keys in a hardware security module (HSM)
Grants permission to the source principal to create an integration into the namespace of target data warehouse
Grants permission to create an Amazon Redshift zero-ETL integration
Grants permission to create a qev2 idc application
Grants permission to create a redshift idc application
Grants permission to create saved SQL queries through the Amazon Redshift console
Grants permission to create an Amazon Redshift scheduled action
Grants permission to create a snapshot copy grant and encrypt copied snapshots in a destination AWS Region
Grants permission to create a snapshot schedule
Grants permission to add one or more tags to a specified resource
Grants permission to create a usage limit
Grants permission to remove permission from the specified datashare consumer to consume a datashare
Grants permission to delete an Amazon Redshift authentication profile
Grants permission to delete a previously provisioned cluster
Grants permission to delete an Amazon Redshift parameter group
Grants permission to delete an Amazon Redshift security group
Grants permission to delete a manual snapshot
Grants permission to delete a cluster subnet group
Grants permission to delete a custom domain name for a cluster
Grants permission to delete a redshift-managed vpc endpoint
Grants permission to delete an Amazon Redshift event notification subscription
Grants permission to delete an HSM client certificate
Grants permission to delete an Amazon Redshift HSM configuration
Grants permission to delete an Amazon Redshift zero-ETL integration
Grants permission to delete a partner integration from a cluster
Grants permission to delete a qev2 idc application
Grants permission to delete a redshift idc application
Grants permission to delete the resource policy for a specified resource
Grants permission to delete saved SQL queries through the Amazon Redshift console
Grants permission to delete an Amazon Redshift scheduled action
Grants permission to delete a snapshot copy grant
Grants permission to delete a snapshot schedule
Grants permission to delete a tag or tags from a resource
Grants permission to delete a usage limit
Grants permission to deregister the specified namespace from a consumer
Grants permission to describe attributes attached to the specified AWS account
Grants permission to describe created Amazon Redshift authentication profiles
Grants permission to describe the list of resources that are denylisted from global autonomics decisions for a specified cluster
Grants permission to describe database revisions for a cluster
Grants permission to describe Amazon Redshift parameter groups, including parameter groups you created and the default parameter group
Grants permission to describe parameters contained within an Amazon Redshift parameter group
Grants permission to describe properties of provisioned clusters
Grants permission to describe Amazon Redshift security groups
Grants permission to describe one or more snapshot objects, which contain metadata about your cluster snapshots
Grants permission to describe one or more cluster subnet group objects, which contain metadata about your cluster subnet groups
Grants permission to describe available maintenance tracks
Grants permission to describe available Amazon Redshift cluster versions
Grants permission to describe custom domain names for a cluster
Grants permission to describe datashares created and consumed by your clusters
Grants permission to describe only datashares consumed by your clusters
Grants permission to describe only datashares created by your clusters
Grants permission to describe parameter settings for a parameter group family
Grants permission to describe redshift-managed vpc endpoints
Grants permission to authorize describe activity for redshift-managed vpc endpoint
Grants permission to describe event categories for all event source types, or for a specified source type
Grants permission to describe events related to clusters, security groups, snapshots, and parameter groups for the past 14 days
Grants permission to describe Amazon Redshift event notification subscriptions for the specified AWS account
Grants permission to describe HSM client certificates
Grants permission to describe Amazon Redshift HSM configurations
Grants permission to list the inbound integrations
Grants permission to describe an Amazon Redshift zero-ETL integration
Grants permission to describe whether information, such as queries and connection attempts, is being logged for a cluster
Grants permission to describe properties of possible node configurations such as node type, number of nodes, and disk usage for the specified action type
Grants permission to describe orderable cluster options
Grants permission to retrieve information about the partner integrations defined for a cluster
Grants permission to describe qev2 idc applications
Grants permission to describe a query through the Amazon Redshift console
Grants permission to describe redshift idc applications
Grants permission to describe exchange status details and associated metadata for a reserved-node exchange. Statuses include such values as in progress and requested
Grants permission to describe available reserved node offerings by Amazon Redshift
Grants permission to describe the reserved nodes
Grants permission to describe the last resize operation for a cluster
Grants permission to describe saved queries through the Amazon Redshift console
Grants permission to describe created Amazon Redshift scheduled actions
Grants permission to describe snapshot copy grants owned by the specified AWS account in the destination AWS Region
Grants permission to describe snapshot schedules
Grants permission to describe account level backups storage size and provisional storage
Grants permission to describe a table through the Amazon Redshift console
Grants permission to describe status of one or more table restore requests made using the RestoreTableFromClusterSnapshot API action
Grants permission to describe tags
Grants permission to describe usage limits
Grants permission to disable logging information, such as queries and connection attempts, for a cluster
Grants permission to disable the automatic copy of snapshots for a cluster
Grants permission to disassociate a consumer from a datashare
Grants permission to enable logging information, such as queries and connection attempts, for a cluster
Grants permission to enable the automatic copy of snapshots for a cluster
Grants permission to execute a query through the Amazon Redshift console
Grants permission to failover the primary compute of an Multi-AZ cluster to another AZ
Grants permission to fetch query results through the Amazon Redshift console
Grants permission to get temporary credentials to access an Amazon Redshift database by the specified AWS account
Grants permission to get enhanced temporary credentials to access an Amazon Redshift database by the specified AWS account
Grants permission to get an authorized token for Identity Center users to access Redshift clusters
Grants permission to get the configuration options for the reserved-node exchange
Grants permission to get an array of DC2 ReservedNodeOfferings that matches the payment type, term, and usage price of the given DC1 reserved node
Grants permission to get the resource policy for a specified resource
Grants permission to join the specified Amazon Redshift group
Grants permission to list databases through the Amazon Redshift console
Grants permission to list Advisor recommendations
Grants permission to list saved queries through the Amazon Redshift console
Grants permission to list schemas through the Amazon Redshift console
Grants permission to list tables through the Amazon Redshift console
Grants permission to modify the AQUA configuration of a cluster
Grants permission to modify an existing Amazon Redshift authentication profile
Grants permission to add or remove resources from the global autonomics denylist for a specified cluster
Grants permission to modify the settings of a cluster
Grants permission to modify the database revision of a cluster
Grants permission to modify the list of AWS Identity and Access Management (IAM) roles that can be used by a cluster to access other AWS services
Grants permission to modify the maintenance settings of a cluster
Grants permission to modify the parameters of a parameter group
Grants permission to modify the settings of a snapshot
Grants permission to modify a snapshot schedule for a cluster
Grants permission to modify a cluster subnet group to include the specified list of VPC subnets
Grants permission to modify a custom domain name for a cluster
Grants permission to modify a redshift-managed vpc endpoint
Grants permission to modify an existing Amazon Redshift event notification subscription
Grants permission to modify an Amazon Redshift zero-ETL integration
Grants permission to modify a qev2 idc application
Grants permission to modify a redshift idc application
Grants permission to modify an existing saved query through the Amazon Redshift console
Grants permission to modify an existing Amazon Redshift scheduled action
Grants permission to modify the number of days to retain snapshots in the destination AWS Region after they are copied from the source AWS Region
Grants permission to modify a snapshot schedule
Grants permission to modify a usage limit
Grants permission to pause a cluster
Grants permission to purchase a reserved node
Grants permission to update the resource policy for a specified resource
Grants permission to reboot a cluster
Grants permission to register the specified namespace to a consumer
Grants permission to decline a datashare shared from another account
Grants permission to set one or more parameters of a parameter group to their default values and set the source values of the parameters to "engine-default"
Grants permission to change the size of a cluster
Grants permission to create a cluster from a snapshot
Grants permission to create a table from a table in an Amazon Redshift cluster snapshot
Grants permission to resume a cluster
Grants permission to revoke an ingress rule in an Amazon Redshift security group for a previously authorized IP range or Amazon EC2 security group
Grants permission to revoke access for endpoint related activities for redshift-managed vpc endpoint
Grants permission to revoke access from the specified AWS account to restore a snapshot
Grants permission to rotate an encryption key for a cluster
Grants permission to update the status of a partner integration
Grants permission to view query results through the Amazon Redshift console
Grants permission to terminate running queries and loads through the Amazon Redshift console