Amazon Redshift Connectors > Part II: Data Integration with Amazon Redshift V2 Connector > Connections for Amazon Redshift V2 > Create a minimal Amazon IAM policy
  

Create a minimal Amazon IAM policy

To stage the data in Amazon S3, you need to create an IAM policy with the minimum required permissions to access the S3 resources.
You can either attach the policy to the IAM user and generate the S3 access key ID and S3 secret access keys to access S3 resources. Or, if you have an EC2 instance, you can assign the minimum policy to the EC2 instance to access the S3 bucket for staging.
You need the following minimum required permissions in the policy:
You can use the following sample Amazon IAM policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads"
],
"Resource": [
"arn:aws:s3:::<bucket_name>/*",
"arn:aws:s3:::<bucket_name>"
]
}
]
}
For mappings in advanced mode, you can use different AWS accounts within the same AWS region in the source and target connection. Make sure that the Amazon IAM policy confirms access to the AWS accounts specified in mappings.
Note: The Test Connection does not validate the IAM policy assigned to users. Hence, ensure that the policy assigned to the user is valid.