Amazon Redshift announces tag-based permissions, default access privileges, and BZIP2 compression format

Posted on: Dec 10, 2015

Tag-based, resource-level permissions and the ability to apply default access privileges to new database objects make it easier to manage access control in Amazon Redshift. In addition, you can now use the Amazon Redshift COPY command to load data in BZIP2 compression format. More details on these features below:

• Tag-based, resource-level permissions: You can restrict the creation and modification of resources, such as clusters and snapshots, to specific AWS IAM users, based on resource tags. For example, you can allow specific users to modify Amazon Redshift clusters only if those clusters are tagged as "development." For more details, refer to IAM Policy Elements for Amazon Redshift.
  
• Default privileges to new database objects: Using the ALTER DEFAULT PRIVILEGES command, you can now define the set of access privileges to be applied automatically to database objects created in the future by a specified user. You can apply default privileges to users or to user groups. You can set default privileges globally for all objects created in the current database, or only for objects created in specified schemas. To learn more, refer to ALTER DEFAULT PRIVILEGES.
  
• BZIP2 data format: The COPY command now accepts data in BZIP2 compression format, in addition to GZIP and LZOP formats, when loading data into Amazon Redshift. Refer to Data Format Parameters for more details.