Generating Temporary AWS Access Credentials

AWS Security Credentials

Adding your AWS security credentials (an access key ID and secret access key) unlocks features in JackDB for working with data sources and services hosted on the Amazon Web Services (AWS) cloud computing platform, including:

  • Amazon Relational Database Service (RDS),
  • Amazon Redshift, and
  • Amazon Simple Storage Service (S3).

We use your access key ID and secret access key to make secure requests on your behalf to AWS.

Generating temporary security credentials

Temporary security credentials are recommended for executing COPY and UNLOAD commands in Redshift. They have a shorter lifespan (24 hours). If you're working with a Redshift data source, you can generate temporary security credentials directly in the query editor.

  • Click AWS in the editor toolbar.
  • Click Generate Keys under Access Credentials to generate new temporary access credentials.

Loading data from S3 with the COPY command

Typically, you'll specify the path to the S3 object that contains data to be loaded into Redshift, and the temporary credentials needed to access the S3 object. For example:

COPY <table_name>
FROM 's3://<bucket_name>/<object_prefix>'
CREDENTIALS 'aws_access_key_id=<temporary-access-key-id>;aws_secret_access_key=<temporary-secret-access-key>;token=<temporary-token>' -- Generated, temporary security credentials

Conveniently, the string after CREDENTIALS containing the temporary access credentials is automatically generated for you.

For more information, see: Using the COPY command to load from Amazon S3

Unloading data to S3 with the UNLOAD command

Similarly, you can unload data from Redshift to S3. For example:

UNLOAD ('<query>')
TO 's3://<bucket_name>/<object_prefix>'
CREDENTIALS 'aws_access_key_id=<temporary-access-key-id>;aws_secret_access_key=<temporary-secret-access-key>;token=<temporary-token>' -- Generated, temporary security credentials

For more information, see: Unloading data to Amazon S3