[netlify-build]

stayseesong · stayseesong · commit a3a7d2b1e0f4 · 2024-12-09T10:54:13.000-08:00
diff --git a/src/unify/data-graph/setup-guides/redshift-setup.md b/src/unify/data-graph/setup-guides/redshift-setup.md
@@ -11,6 +11,12 @@ redirect_from:
 
 Set up your Redshift data warehouse to Segment for the [Data Graph](/docs/unify/data-graph/).
 
+## Prerequisites
+
+To use Linked Audiences with Redshift, Segment requires you to configure [Profiles Synce materialized views for the Data Graph](/docs/unify/data-graph/#prerequisites). You can read more about [Profile Sync materialized views](/docs/unify/profiles-sync/tables/#tables-segment-materializes).  
+
+Even though Segment only supports Profile Sync materialized tables for the Data Graph, Linked Audiences require Profile Sync to be configured such that both the [Profile raw tables](/docs/unify/profiles-sync/tables/#profile-raw-tables) and the [Profile materialized tables](/docs/unify/profiles-sync/tables/#tables-segment-materializes) are synchronized with your Redshift instance.
+
 ## Getting started 
 
 You need to be an account admin to set up the Segment Redshift connector as well as write permissions for the `__segment_reverse_etl` dataset.
@@ -22,17 +28,25 @@ To get started with Redshift:
 ## Step 1: Roles and permissions
 Segment recommends you to create a new Redshift user and role with only the required permissions.
 
-1. Create a new role and user for the Segment Data Graph. This new role will only have access to the datasets you provide access to for the Data Graph.
+1. Create a new role and user for the Segment Data Graph. This new role will only have access to the datasets you provide access to for the Data Graph. Run the SQL commands in your Redshift cluster:
+
+  ```
+  -- Create a user with role for the Data Graph
+  CREATE ROLE SEGMENT_LINKED_ROLE;
+  CREATE USER SEGMENT_LINKED_USER PASSWORD "your_password";
+  GRANT ROLE SEGMENT_LINKED_ROLE TO SEGMENT_LINKED_USER;
+  ```
+
 2. Provide write access to the database as Segment requires this in order to create a schema for internal bookkeeping and to store checkpoint tables for the queries that are executed. Segment recommends you to create a new database for this purpose. This is also the database you'll be required to specify for the **Database Name** when connecting Redshift with the Segment app.
 
-## Step 2: Create database for Segment to store checkpoint tables
+## Step 2: Create a database for Segment to store checkpoint tables
 
 > info ""
 > Segment recommends you to create a new database for the Data Graph. If you choose to use an existing database that has also been used for [Segment Reverse ETL](/docs/connections/reverse-etl/), you must follow the [additional instructions](#update-user-access-for-segment-reverse-etl-schema) to update user access for the Segment Reverse ETL schema.
 
 Run the following SQL commands in your Redshift cluster:
 
-```sql
+```
 -- ******** SET UP THE FOLLOWING WAREHOUSE PERMISSIONS ********
 
 -- Create a user with role for the Data Graph
@@ -47,12 +61,14 @@ GRANT CREATE ON DATABASE SEGMENT_LINKED_PROFILES_DB TO ROLE SEGMENT_LINKED_ROLE;
 ```
 
 ## Step 3: Grant read-only access for the Data Graph
-Give the Segment role read-only access to additional schemas you want to use for Data Graph including the Profiles Sync database. 
+Grant the Segment role read-only access to additional schemas you want to use for the Data Graph including the Profiles Sync database. 
+
+To locate the Profile Sync database, navigate to **Unify > Profiles Sync > Settings > Connection Settings**. You will see the database and schema name. 
 
 ### Schemas
 Grant schema permissions based on customer need. See Amazon’s docs to view [schema permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"} and [example commands](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT-examples.html){:target="_blank"} that you can use to grant permissions. Repeat the following SQL query for each schema you want to use for the Data Graph.
 
-```sql
+```
 -- ********** REPEAT THE SQL QUERY BELOW FOR EACH SCHEMA YOU WANT TO USE FOR THE DATA GRAPH **********
 
 GRANT USAGE ON SCHEMA "the_schema_name" TO ROLE SEGMENT_LINKED_ROLE;
@@ -62,64 +78,47 @@ GRANT USAGE ON SCHEMA "the_schema_name" TO ROLE SEGMENT_LINKED_ROLE;
 Grant table permissions based on your needs. Learn more about [Amazon’s table permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"}.
 
 Table permissions can either be handled in bulk:
-```sql
+```
 -- query data from a all tables in a schema
 GRANT SELECT ON ALL TABLES IN SCHEMA "the_schema_name" TO ROLE SEGMENT_LINKED_ROLE;
 ```
 
 Or in a more granular fashion if needed: 
-```sql
+```
 -- query data from a specific table in a schema
 GRANT SELECT ON TABLE <schema-name>.<table-name> TO ROLE segment_linked_role;
 ```
 
+## Step 4: Validate permissions
+To verify you have set up the right permissions for a specific table, log in with the username and password you created for `SEGMENT_LINKED_USER` and run the following command to verify the role you created has the correct permissions. If this command succeeds, you should be able to view the respective table.
 
-## Create a new role and user
-
-Run the SQL commands below to create a role (`segment_entities`) and user (`segment_entities_user`).
-
-```sql
--- create role
-CREATE ROLE segment_entities;
-
--- allow the role to create new schemas on specified database. (This is the name you chose when provisioning your cluster)
-GRANT CREATE ON DATABASE "<enter database name here>" TO ROLE segment_entities;
-
--- create a user named "segment_entities_user" that Segment will use when connecting to your Redshift cluster. 
-CREATE USER segment_entities_user PASSWORD '<enter password here>';
-
--- grant role permissions to the user
-GRANT ROLE segment_entities TO segment_entities_user;
 ```
-
-## Grant access to schemas and tables
-
-You'll need to grant access to schemas and tables that you'd like to enrich with. This allows Segment to list schemas, tables, and columns, as well as create entities with data extracted and ingested to Segment.
-
-### Schemas
-
-Grant schema permissions based on customer need. Visit Amazon's docs to view [schema permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"} and [example commands](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT-examples.html){:target="_blank"} that you can use to grant permissions.
-
-```ts
--- view specific schemas in database
-GRANT USAGE ON SCHEMA <schema-name> TO ROLE segment_entities;
+SHOW SCHEMAS FROM DATABASE "THE_READ_ONLY_DB";
+SELECT * FROM "THE_READ_ONLY_DB.A_SCHEMA.SOME_TABLE" LIMIT 10;
 ```
 
-### Tables
-
-Grant table permissions based on customer need. Learn more about Amazon's [table permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"}.
-
-```ts
--- query data from a specific table in a schema
-GRANT SELECT ON TABLE <schema-name>.<table-name> TO ROLE segment_entities;
+## Step 5: Connect your warehouse to Segment
+To connect your warehouse to Segment:
+1. Navigate to **Unify > Data Graph**. This should be a Unify space with Profiles Sync already set up.
+2. Click **Connect warehouse**.
+3. Select **Redshift** as your warehouse type.
+4. Enter your warehouse credentials. Segment requires the following settings to connect to your Redshift warehouse:
+   * **Host Name:** The Redshift URL
+   * **Port:** The Redshift connection port
+   * **Database:** The only database that Segment requires write access to in order to create tables for internal bookkeeping. This database is referred to as `segment_linked_profiles_db` in the SQL above
+   * **Username:** The Redshift user that Segment uses to run SQL in your warehouse. This user is referred to as `segment_linked_user` in the sql above
+   * **Password:**  The password of the user above
+5. Test your connection, then click **Save**.
+
+## Update user access for Segment Reverse ETL dataset
+If Segment Reverse ETL ran in the project you are configuring as the Segment connection project, a Segment-managed dataset is already created, and you need to provide the new Segment user access to the existing dataset. Run the following SQL if you run into an error on the Segment app indicating that the user doesn’t have sufficient privileges on an existing `__segment_reverse_etl`.
+
+Run the following command:
 ```
+-- If you want to use an existing database that already has Segment Reverse ETL schemas, you’ll need to run some additional steps below to grant the role access to the existing schemas.
 
-### RETL table permissions
+GRANT USAGE, CREAT, DROP ON SCHEMA segment_connection_db.__segment_reverse_etl TO ROLE SEGMENT_LINKED_ROLE;
+GRANT CREATE TABLE ON SCHEMA identifier($retl_schema) TO ROLE SEGMENT_LINKED_ROLE;
 
-If you used RETL in your database, you'll need to add the following [table permissions](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html){:target="_blank"}:
-
-```ts
-GRANT USAGE, CREATE ON SCHEMA __segment_reverse_etl TO ROLE segment_entities;
-
-GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA __segment_reverse_etl TO ROLE segment_entities;
-```
+GRANT SELECT,INSERT,UPDATE,DELETE,DROP ON ALL TABLES IN SCHEMA segment_connection_db.__segment_reverse_etl TO ROLE SEGMENT_LINKED_ROLE;
+```
