This website uses cookies. By browsing this website, you consent to the use of cookies. Learn more.
OK
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Community Conundrum 10: The Titanic is now live Learn more

Restrict the Schema Visibility in Redshift JDBC

raviagrawal
Level 3
Level 3
3 weeks ago
Restrict the Schema Visibility in Redshift JDBC

Hi,

We are using the redshift as source for dataiku but while doing search/import user can see all the schema's and tables even if he do not have access on that. Is there a way that schema  visibility can be restricted to couple of schema's only.

Regards,

Ravi Agrawal

 

 

Reply
1 Reply
Clément_Stenac
Dataiker
Dataiker
3 weeks ago

Hi,

There are two use cases here:

  • If your Redshift connection is configured with per-user-credentials (i.e. each user enters his own Redsfhit username/password combination), then each user who goes into the connection explorer will only see the tables that his Redshift user is allowed to see. The burden of making sure that grants on Redshift are correct falls on your Redshift DBA.

 

  • If your Redshift connection is configured with a single global credential, then DSS has no way to guess which schemas "should" be visible by each user. In essence, all connections from DSS to Redshift are performed as a single user with a single security context. Even if DSS tried to perform some filtering in the connections explorer, it would be very easy for the user to workaround by writing custom SQL.

 

So you have two options:

  • Either user per-user credentials. This is the most recommended method.
  • Or create multiple Redshift connections, with different users, and leverage the "Freely usable by" setting in DSS to give differentiated access to the connection. Beware that this second solution makes cross-connection flows more complicated.

 

Reply