AWS::Redshift::EndpointAuthorization

Redshift EndpointAuthorization

Describes an endpoint authorization for authorizing Redshift-managed VPC endpoint access to a cluster across AWS accounts.

Properties

4 configurable properties. 2 required. Click a row to see details.

Filter:

Property	Type	Flags
`Account`	`string`	RequiredCreate-only
`ClusterIdentifier`	`string`	RequiredCreate-only
`Force`	`boolean`	Write-only
`VpcIds`	`Array<string>`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`AllowedAllVPCs`	`boolean`	Indicates whether all VPCs in the grantee account are allowed access to the cluster.
`AllowedVPCs`	`Array<string>`	The VPCs allowed access to the cluster.
`AuthorizeTime`	`string`	The time (UTC) when the authorization was created.
`ClusterStatus`	`string`	The status of the cluster.
`EndpointCount`	`integer`	The number of Redshift-managed VPC endpoints created for the authorization.
`Grantee`	`string`	The AWS account ID of the grantee of the cluster.
`Grantor`	`string`	The AWS account ID of the cluster owner.
`Status`	`string`	The status of the authorization action.

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::Redshift::EndpointAuthorization

Resources:
  MyResource:
    Type: AWS::Redshift::EndpointAuthorization
    Properties:
      ClusterIdentifier: "my-clusteridentifier"
      Account: "value"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

read

redshift:DescribeEndpointAuthorization

create

redshift:AuthorizeEndpointAccessredshift:DescribeEndpointAuthorization

update

redshift:AuthorizeEndpointAccessredshift:DescribeEndpointAuthorizationredshift:RevokeEndpointAccess

list

redshift:DescribeEndpointAuthorization

delete

redshift:RevokeEndpointAccessredshift:DeleteEndpointAccessredshift:DescribeEndpointAuthorizationec2:DeleteClientVpnEndpointec2:DescribeVpcAttributeec2:DescribeSecurityGroupsec2:DescribeAddressesec2:DescribeInternetGateways

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceRedshift

Properties12

Required2

TaggingNot supported

Primary IDClusterIdentifier

Supported Operations

ReadCreateUpdateListDelete

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

ClusterIdentifierAccount

Related Resources

External Links

AWS Documentation