📘

Admin credentials required

To complete this guide, you will need admin credentials to your Redshift cluster.

This guide explains how to create a read-only service account for Monte Carlo on Redshift.

To review all steps necessary to integrate a data warehouse with Monte Carlo, please see here.

Creating a service account

Please use the following SQL snippet to create a service account for Monte Carlo:

CREATE USER <username> PASSWORD ‘<password>’ SYSLOG ACCESS UNRESTRICTED
GRANT SELECT ON svv_table_info to <username>
GRANT SELECT ON ALL TABLES IN SCHEMA <schema_name> [, …] to <username>
GRANT USAGE ON SCHEMA <schema_name> [, …] to <username>
GRANT USAGE ON SCHEMA <external_schema> [, …] to <username>
ALTER DEFAULT PRIVILEGES FOR USER <user_creating_tables> [, …] IN SCHEMA <schema_name> [, …] GRANT SELECT ON TABLES TO <username>

Before using the snippet, you will need to populate the following:

  • <username>: Service account username, typically "monte_carlo".
  • <password>: Strong password to be used by the service account user.
  • <schema_name>: Redshift schema(s) to be monitored. Please note you can provide a list of schemas in a single statement.
  • <external_schema>: Redshift Spectrum schema(s) – where external tables are defined – to be monitored. Please note you can provide a list of schemas in a single statement.
  • <user_creating_tables>: Redshift user(s) that create/update tables and external tables, typically the user(s) used by your ETL jobs. Please note you can provide a list of such users in a single statement.

Please note:

  • syslog permissions allow Monte Carlo to to read query logs from all users.
  • select permissions on svv_table_info allow Monte Carlo to to read metadata about tables in your warehouse.
  • select and usage permissions on schemas allow Monte Carlo to track health for tables in the given schemas.
  • usage permissions on external schemas allow Monte Carlo to to track health for external tables in the given schemas.
  • Default privileges set for ETL users make sure that Monte Carlo maintains access to tables as ETL jobs run and update/create tables.

Did this page help you?