|
2 | 2 | title: Redshift Data Graph Setup |
3 | 3 | beta: true |
4 | 4 | plan: unify |
5 | | -hidden: true |
6 | 5 | redirect_from: |
7 | 6 | - '/unify/linked-profiles/setup-guides/redshift-setup' |
8 | 7 | --- |
9 | 8 |
|
10 | | -> info "Linked Audiences is in public beta" |
11 | | -> Linked Audiences (with Data Graph, Linked Events) is in public beta, and Segment is actively working on this feature. Some functionality may change before it becomes generally available. |
12 | | -
|
13 | 9 | > info "" |
14 | | -> At this time, you can only use Redshift with Linked Events. |
| 10 | +> Redshift for Data Graph is in beta and Segment is actively working on this feature. Some functionality may change before it becomes generally available. This feature is governed by Twilio Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}. |
15 | 11 |
|
16 | | -On this page, you'll learn how to connect your Redshift data warehouse to Segment. |
| 12 | +Set up your Redshift data warehouse to Segment for the [Data Graph](/docs/unify/data-graph/). |
17 | 13 |
|
18 | 14 | ## Getting started |
19 | 15 |
|
| 16 | +You need to be an account admin to set up the Segment Redshift connector as well as write permissions for the `__segment_reverse_etl` dataset. |
| 17 | + |
20 | 18 | To get started with Redshift: |
21 | 19 | 1. Log in to Redshift and select the Redshift cluster you want to connect. |
22 | | -2. Follow these [networking instructions](/docs/connections/storage/catalog/redshift/#networking) to configure network and security settings. |
| 20 | +2. Follow the [networking instructions](/docs/connections/storage/catalog/redshift/#networking) to configure network and security settings. |
| 21 | + |
| 22 | +## Step 1: Roles and permissions |
| 23 | +Segment recommends you to create a new Redshift user and role with only the required permissions. |
| 24 | + |
| 25 | +1. Create a new role and user for the Segment Data Graph. This new role will only have access to the datasets you provide access to for the Data Graph. |
| 26 | +2. Provide write access to the database as Segment requires this in order to create a schema for internal bookkeeping and to store checkpoint tables for the queries that are executed. Segment recommends you to create a new database for this purpose. This is also the database you'll be required to specify for the **Database Name** when connecting Redshift with the Segment app. |
| 27 | + |
| 28 | +## Step 2: Create database for Segment to store checkpoint tables |
| 29 | + |
| 30 | +> info "" |
| 31 | +> Segment recommends you to create a new database for the Data Graph. If you choose to use an existing database that has also been used for [Segment Reverse ETL](/docs/connections/reverse-etl/), you must follow the [additional instructions](#update-user-access-for-segment-reverse-etl-schema) to update user access for the Segment Reverse ETL schema. |
| 32 | +
|
| 33 | +Run the following SQL commands in your Redshift cluster: |
| 34 | + |
| 35 | +```sql |
| 36 | +-- ******** SET UP THE FOLLOWING WAREHOUSE PERMISSIONS ******** |
| 37 | + |
| 38 | +-- Create a user with role for the Data Graph |
| 39 | +CREATE ROLE SEGMENT_LINKED_ROLE; |
| 40 | +CREATE USER SEGMENT_LINKED_USER PASSWORD "your_password"; |
| 41 | +GRANT ROLE SEGMENT_LINKED_ROLE TO SEGMENT_LINKED_USER; |
| 42 | + |
| 43 | +-- Create and Grant access to a Segment internal DB used for bookkeeping. This is the only DB that Segment requires write access to. This is also the DB you will use in the "Database Name" config while setting up the connection in the Segment app. |
| 44 | + |
| 45 | +CREATE DATABASE SEGMENT_LINKED_PROFILES_DB; |
| 46 | +GRANT CREATE ON DATABASE SEGMENT_LINKED_PROFILES_DB TO ROLE SEGMENT_LINKED_ROLE; |
| 47 | +``` |
| 48 | + |
| 49 | +## Step 3: Grant read-only access for the Data Graph |
| 50 | +Give the Segment role read-only access to additional schemas you want to use for Data Graph including the Profiles Sync database. |
| 51 | + |
| 52 | +### Schemas |
| 53 | +Grant schema permissions based on customer need. See Amazon’s docs to view [schema permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"} and [example commands](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT-examples.html){:target="_blank"} that you can use to grant permissions. Repeat the following SQL query for each schema you want to use for the Data Graph. |
| 54 | + |
| 55 | +```sql |
| 56 | +-- ********** REPEAT THE SQL QUERY BELOW FOR EACH SCHEMA YOU WANT TO USE FOR THE DATA GRAPH ********** |
| 57 | + |
| 58 | +GRANT USAGE ON SCHEMA "the_schema_name" TO ROLE SEGMENT_LINKED_ROLE; |
| 59 | +``` |
| 60 | + |
| 61 | +### Table |
| 62 | +Grant table permissions based on your needs. Learn more about [Amazon’s table permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"}. |
| 63 | + |
| 64 | +Table permissions can either be handled in bulk: |
| 65 | +```sql |
| 66 | +-- query data from a all tables in a schema |
| 67 | +GRANT SELECT ON ALL TABLES IN SCHEMA "the_schema_name" TO ROLE SEGMENT_LINKED_ROLE; |
| 68 | +``` |
| 69 | + |
| 70 | +Or in a more granular fashion if needed: |
| 71 | +```sql |
| 72 | +-- query data from a specific table in a schema |
| 73 | +GRANT SELECT ON TABLE <schema-name>.<table-name> TO ROLE segment_linked_role; |
| 74 | +``` |
| 75 | + |
23 | 76 |
|
24 | 77 | ## Create a new role and user |
25 | 78 |
|
|
0 commit comments