All the interaction in my previous post is done via SQL. Amazon Redshift also has a management console that provides insight into the operation of the system. So let’s have a look.
Examine Load operation:
Amazon redshift maintains information about every data load query performed. You can see the query duration, start time and SQL executed.
You can see the system performance during in cluster performance. The cpu utilization, network throughput and write IOPS etc.. From same page you can queries tat executed in the cluster. I highlighted the query and its information displayed on the left side.
Status tab to view the information about the cluster.
You can resize the cluster -> resize cluster option. As my cluster was single mode, I modified it to cluster and added another node. This operation will reboot the cluster.
Resize operation is in progress.
Once resize is compete, cluster status will become healthy.
Snapshots are point in time backups of a cluster. You can create snapshots automatically and manually. Amazon Redshift stores these snapshots in amazon s3. The retention period of snapshots is 35 days and default is 1. Manual snapshots are kept even after you delete your cluster. Automated snapshots created after 8 hours internal or every 5GB of data changes.
cluster-> backup -> create snapshot.
Amazon Redshift now has the ability to automatically back up your cluster to a second AWS region. Retention period is 35 maximum or 1 as default. This will copy the both automatic and manual snapshot on second region. If you redshift is encrypted with KMS-encryption then snapshots are also encrypted.
cluster-> backup -> configure cross-region snapshot.
You can restore the cluster from snapshot which will create a new cluster and import data from the snapshot. Process is straight forward. You can restore one table as well from snapshot instead of entire cluster.
You can monitor redshift from console performance tab and configure cloudwatch alerts.
Select create Alarm from performance tab.
Data can also be exported to S3 with unload command. The data can then be used in other systems such as dynamoDB, your applications or loaded into another amazon redshift cluster.
Delete the cluster:
In the left navigation pane, click clusters and select delete.
- create snapshot : no
- Select the acknowledgement
- click delete
Security in Redshift:
Amazon Redshift provides these features to manage security:
- IAM roles and policies: IAM roles and policies must be defined to control access to the redshift.
- Security Groups: When you provision Redshift cluster, by default all traffic is blocked. So create separate security groups and allow access.
- VPC: we are creating Redshift inside VPC, we can control n/w level access of VPC using private subnet.
- Limited user access to data can be done via database views.
- Encryption: to encrypt user data in tables, we must enable encryption while creating the cluster. You can’t disabled encryption once enabled.
- SSL for Encryption in-transit : SSL based encryption between SQL client and redshift cluster. Instead of default parameter in redshift cluster, create another parameter group and set parameter “require_SSL=true”. And associate this new parameter with your cluster. Please note that you can’t change the default parameter group.
- Encryption at Rest:
- Can use KMS
- Use cloudHSM or on-pre HSM
Leave a Reply