endpoint_accesses

Creates, updates, deletes or gets an endpoint_access resource or lists endpoint_accesses in a region

Overview

Name	`endpoint_accesses`
Type	Resource
Description	Resource schema for a Redshift-managed VPC endpoint.
Id	`aws.redshift.endpoint_accesses`

Fields

Name	Datatype	Description
`endpoint_status`	`string`	The status of the endpoint.
`vpc_endpoint`	`object`	The connection endpoint for connecting to an Amazon Redshift cluster through the proxy.
`address`	`string`	The DNS address of the endpoint.
`endpoint_name`	`string`	The name of the endpoint.
`vpc_security_group_ids`	`array`	A list of vpc security group ids to apply to the created endpoint access.
`resource_owner`	`string`	The AWS account ID of the owner of the cluster.
`subnet_group_name`	`string`	The subnet group name where Amazon Redshift chooses to deploy the endpoint.
`port`	`integer`	The port number on which the cluster accepts incoming connections.
`endpoint_create_time`	`string`	The time (UTC) that the endpoint was created.
`cluster_identifier`	`string`	A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account
`vpc_security_groups`	`array`	A list of Virtual Private Cloud (VPC) security groups to be associated with the endpoint.
`region`	`string`	AWS region.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`ClusterIdentifier, SubnetGroupName, EndpointName, VpcSecurityGroupIds, region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all endpoint_accesses in a region.

SELECT
region,
endpoint_status,
vpc_endpoint,
address,
endpoint_name,
vpc_security_group_ids,
resource_owner,
subnet_group_name,
port,
endpoint_create_time,
cluster_identifier,
vpc_security_groups
FROM aws.redshift.endpoint_accesses
WHERE region = 'us-east-1';

Gets all properties from an individual endpoint_access.

SELECT
region,
endpoint_status,
vpc_endpoint,
address,
endpoint_name,
vpc_security_group_ids,
resource_owner,
subnet_group_name,
port,
endpoint_create_time,
cluster_identifier,
vpc_security_groups
FROM aws.redshift.endpoint_accesses
WHERE region = 'us-east-1' AND data__Identifier = '<EndpointName>';

`INSERT` example

Use the following StackQL query and manifest file to create a new endpoint_access resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO aws.redshift.endpoint_accesses (
 EndpointName,
 VpcSecurityGroupIds,
 SubnetGroupName,
 ClusterIdentifier,
 region
)
SELECT 
'{{ EndpointName }}',
 '{{ VpcSecurityGroupIds }}',
 '{{ SubnetGroupName }}',
 '{{ ClusterIdentifier }}',
'{{ region }}';

/*+ create */
INSERT INTO aws.redshift.endpoint_accesses (
 EndpointName,
 VpcSecurityGroupIds,
 ResourceOwner,
 SubnetGroupName,
 ClusterIdentifier,
 region
)
SELECT 
 '{{ EndpointName }}',
 '{{ VpcSecurityGroupIds }}',
 '{{ ResourceOwner }}',
 '{{ SubnetGroupName }}',
 '{{ ClusterIdentifier }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: endpoint_access
    props:
      - name: EndpointName
        value: '{{ EndpointName }}'
      - name: VpcSecurityGroupIds
        value:
          - '{{ VpcSecurityGroupIds[0] }}'
      - name: ResourceOwner
        value: '{{ ResourceOwner }}'
      - name: SubnetGroupName
        value: '{{ SubnetGroupName }}'
      - name: ClusterIdentifier
        value: '{{ ClusterIdentifier }}'

`DELETE` example

/*+ delete */
DELETE FROM aws.redshift.endpoint_accesses
WHERE data__Identifier = '<EndpointName>'
AND region = 'us-east-1';

Permissions

To operate on the endpoint_accesses resource, the following permissions are required:

Read

redshift:DescribeEndpointAccess,
ec2:DescribeClientVpnEndpoints,
ec2:DescribeVpcEndpoint,
ec2:DescribeVpcAttribute,
ec2:DescribeSecurityGroups,
ec2:DescribeAddresses,
ec2:DescribeInternetGateways,
ec2:DescribeSubnets

Create

redshift:CreateEndpointAccess,
redshift:DescribeEndpointAccess,
ec2:CreateClientVpnEndpoint,
ec2:CreateVpcEndpoint,
ec2:DescribeVpcAttribute,
ec2:DescribeSecurityGroups,
ec2:DescribeAddresses,
ec2:DescribeInternetGateways,
ec2:DescribeSubnets

Update

redshift:DescribeEndpointAccess,
redshift:ModifyEndpointAccess,
ec2:ModifyClientVpnEndpoint,
ec2:ModifyVpcEndpoint,
ec2:DescribeVpcAttribute,
ec2:DescribeSecurityGroups,
ec2:DescribeAddresses,
ec2:DescribeInternetGateways,
ec2:DescribeSubnets

List

redshift:DescribeEndpointAccess,
ec2:DescribeClientVpnEndpoints,
ec2:DescribeVpcEndpoints,
ec2:DescribeVpcAttribute,
ec2:DescribeSecurityGroups,
ec2:DescribeAddresses,
ec2:DescribeInternetGateways,
ec2:DescribeSubnets

Delete

redshift:DeleteEndpointAccess,
redshift:DescribeEndpointAccess,
ec2:DeleteClientVpnEndpoint,
ec2:DeleteVpcEndpoint,
ec2:DescribeVpcAttribute,
ec2:DescribeSecurityGroups,
ec2:DescribeAddresses,
ec2:DescribeInternetGateways,
ec2:DescribeSubnets,
ec2:DescribeVpcEndpoint

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Read​

Create​

Update​

List​

Delete​