Automate Amazon Redshift Serverless knowledge warehouse administration utilizing AWS CloudFormation and the AWS CLI



Amazon Redshift Serverless makes it easy to run and scale analytics with out having to handle the occasion kind, occasion dimension, lifecycle administration, pausing, resuming, and so forth. It robotically provisions and intelligently scales knowledge warehouse compute capability to ship quick efficiency for even probably the most demanding and unpredictable workloads, and also you pay just for what you utilize. Simply load your knowledge and begin querying immediately within the Amazon Redshift Question Editor or in your favourite enterprise intelligence (BI) instrument and proceed to get pleasure from the very best value efficiency and acquainted SQL options in an easy-to-use, zero administration surroundings.

Redshift Serverless separates compute and storage and introduces two abstractions:

  • Workgroup – A workgroup is a set of compute sources. It teams collectively compute sources like RPUs, VPC subnet teams, and safety teams.
  • Namespace – A namespace is a set of database objects and customers. It teams collectively knowledge objects, comparable to databases, schemas, tables, customers, or AWS Key Administration Service (AWS KMS) keys for encrypting knowledge.

Some organizations need to automate the creation of workgroups and namespaces for automated infrastructure administration and constant configuration throughout environments, and supply end-to-end self-service capabilities. You’ll be able to automate the workgroup and namespace administration operations utilizing the Redshift Serverless API, the AWS Command Line Interface (AWS CLI), or AWS CloudFormation, which we reveal on this submit.

Answer overview

Within the following sections, we focus on the automation approaches for numerous duties concerned in Redshift Serverless knowledge warehouse administration utilizing AWS CloudFormation (for extra data, see RedshiftServerless useful resource kind reference) and the AWS CLI (see redshift-serverless).

The next are a few of the key use circumstances and applicable automation approaches to make use of with AWS CloudFormation:

  • Allow end-to-end self-service from infrastructure setup to querying
  • Automate knowledge client onboarding for knowledge provisioned by way of AWS Knowledge Change
  • Speed up workload isolation by creating endpoints
  • Create a brand new knowledge warehouse with constant configuration throughout environments

The next are a few of the primary use circumstances and approaches for the AWS CLI:

  • Automate upkeep operations:
    • Backup and limits
    • Modify RPU configurations
    • Handle limits
  • Automate migration from provisioned to serverless


To run the operations described on this submit, guarantee that this person or function has AWS Id Entry and Administration (IAM) arn:aws:iam::aws:coverage/AWSCloudFormationFullAccess, and both the administrator permission arn:aws:iam::aws:coverage/AdministratorAccess or the complete Amazon Redshift permission arn:aws:iam::aws:coverage/AmazonRedshiftFullAccess coverage connected. Seek advice from Safety and connections in Amazon Redshift Serverless for additional particulars.

You must have a minimum of three subnets, and so they should span throughout three Availability Zones.It isn’t sufficient if simply 3 subnets created in identical availability zone. To create a brand new VPC and subnets, use the next CloudFormation template to deploy in your AWS account.

Create a Redshift Serverless namespace and workgroup utilizing AWS CloudFormation

AWS CloudFormation helps you mannequin and arrange your AWS sources as a way to spend much less time on infrastructure setup and extra time focusing in your purposes that run in AWS. You create a template that describes all of the AWS sources that you really want, and AWS CloudFormation takes care of provisioning and configuring these sources primarily based on the given enter parameters.

To create the namespace and workgroup for a Redshift Serverless knowledge warehouse utilizing AWS CloudFormation, full the next steps:

  1. Select Launch Stack to launch AWS CloudFormation in your AWS account with a template:
  2. For Stack title, enter a significant title for the stack, for instance, rsserverless.
  3. Enter the parameters detailed within the following desk.
Parameters Default Allowed Values Description
Namespace . N/A The title of the namespace of your option to be created.
Database Title dev N/A The title of the primary database within the Redshift Serverless surroundings.
Admin Person Title admin N/A The administrator’s person title for the Redshift Serverless namespace being create.
Admin Person Password . N/A The password related to the admin person.
Affiliate IAM Function . Comma-delimited checklist of ARNs of IAM roles Affiliate an IAM function to your Redshift Serverless namespace (optionally available).
Log Export Listing userlog, connectionlog, useractivitylog userlog, connectionlog, useractivitylog Present comma-separated values from the checklist. For instance, userlog, connectionlog, useractivitylog. If left clean, LogExport is turned off.
Workgroup . N/A The workgroup title of your option to be created.
Base RPU 128 Minimal worth of 32 and most worth of 512 The bottom RPU for the Redshift Serverless workgroup.
Publicly accessible false true, false Signifies if the Redshift Serverless occasion is publicly accessible.
Subnet Ids . N/A You should have a minimum of three subnets, and so they should span throughout three Availability Zones.
Safety Group Id . N/A The checklist of safety group IDs in your VPC.
Enhanced VPC Routing false true, false The worth that specifies whether or not to allow enhanced VPC routing, which forces Redshift Serverless to route visitors by way of your VPC.
  1. Go the parameters supplied to the AWS::RedshiftServerless::Namespace and AWS::RedshiftServerless::Workgroup useful resource varieties:
        Sort: 'AWS::RedshiftServerless::Namespace'
            Ref: AdminUsername
            Ref: AdminUserPassword
            Ref: DatabaseName
            Ref: NamespaceName
            Ref: IAMRole
            Ref: LogExportsList        
        Sort: 'AWS::RedshiftServerless::Workgroup'
            Ref: WorkgroupName
            Ref: NamespaceName
            Ref: BaseRPU
            Ref: PubliclyAccessible
            Ref: SubnetId
            Ref: SecurityGroupIds
            Ref: EnhancedVpcRouting        
          - RedshiftServerlessNamespace

Carry out namespace and workgroup administration operations utilizing the AWS CLI

The AWS CLI is a unified instrument to handle your AWS providers. With only one instrument to obtain and configure, you may management a number of AWS providers from the command line and automate them by way of scripts.

To run the Redshift Serverless CLI instructions, you must set up the most recent model of AWS CLI. For directions, consult with Putting in or updating the most recent model of the AWS CLI.

Now you’re prepared to finish the next steps:

Use the next command to create a brand new namespace:

aws redshift-serverless create-namespace 
    --admin-user-password '<password>' 
    --admin-username cfn-blog-admin 
    --db-name cfn-blog-db 
    --namespace-name 'cfn-blog-ns'

The next screenshot exhibits an instance output.


Use the next command to create a brand new workgroup mapped to the namespace you simply created:

aws redshift-serverless create-workgroup 
    --base-capacity 128 
    --namespace-name 'cfn-blog-ns' 
    --security-group-ids "sg-0269bd680e0911ce7" 
    --subnet-ids "subnet-078eedbdd99398568" "subnet-05defe25a59c0e4c2" "subnet-0f378d07e02da3e48"
    --workgroup-name 'cfn-blog-wg'

The next is an instance output.

create workgroup

To permit situations and gadgets exterior the VPC to connect with the workgroup, use the publicly-accessible choice within the create-workgroup CLI command.

To confirm the workgroup has been created and is in AVAILABLE standing, use the next command:

aws redshift-serverless get-workgroup 
--workgroup-name 'cfn-blog-wg' 
--output textual content 
--query 'workgroup.standing'

The next screenshot exhibits our output.

No matter whether or not your snapshot was made out of a provisioned cluster or serverless workgroup, it may be restored into a brand new serverless workgroup. Restoring a snapshot replaces the namespace and workgroup with the contents of the snapshot.

Use the next command to revive from a snapshot:

aws redshift-serverless restore-from-snapshot 
--namespace-name 'cfn-blog-ns' 
--snapshot-arn arn:aws:redshift:us-east-1:<account-id>:snapshot:<cluster-identifier>/<snapshot-identifier> 
--workgroup-name 'cfn-blog-wg'

The next is an instance output.

To verify the workgroup standing, run the next command:

aws redshift-serverless get-workgroup 
--workgroup-name 'cfn-blog-wg' 
--output textual content 
--query 'workgroup.standing'

To create a snapshot from an current namespace, run the next command:

aws redshift-serverless create-snapshot 
--namespace-name cfn-blog-ns 
--snapshot-name cfn-blog-snapshot-from-ns 
--retention-period 7

The next is an instance output.

Redshift Serverless creates restoration factors of your namespace which can be obtainable for twenty-four hours. To maintain your restoration level longer than 24 hours, convert it to a snapshot.

To search out the restoration factors related to your namespace, run the next command:

aws redshift-serverless list-recovery-points 
--namespace-name cfn-blog-ns 

The next an instance output with the checklist of all of the restoration factors.

list recovery points

Let’s take the most recent recoveryPointId from the checklist and convert to snapshot.

To create a snapshot from a restoration level, run the next command:

aws redshift-serverless convert-recovery-point-to-snapshot 
--recovery-point-id f9eaf9ac-a98d-4809-9eee-869ef03e98b4 
--retention-period 7 
--snapshot-name cfn-blog-snapshot-from-rp

The next is an instance output.


Along with restoring a snapshot to a serverless namespace, you may as well restore from a restoration level.

  1. First, you must discover the restoration level identifier utilizing the list-recovery-points command.
  2. Then use the next command to revive from a restoration level:
aws redshift-serverless restore-from-recovery-point 
--namespace-name cfn-blog-ns 
--recovery-point-id 15c55fb4-d973-4d8a-a8fe-4741e7911137 
--workgroup-name cfn-blog-wg

The next is an instance output.

restore from recovery point

The base RPU determines the beginning capability on your serverless surroundings.

Use the next command to switch the bottom RPU primarily based in your workload necessities:

aws redshift-serverless update-workgroup 
--base-capacity 256 
--workgroup-name 'cfn-blog-wg'

The next is an instance output.

Run the next command to confirm the workgroup base RPU capability has been modified to 256:

aws redshift-serverless get-workgroup 
--workgroup-name 'cfn-blog-wg' 
--output textual content 
--query 'workgroup.baseCapacity'

To maintain prices predictable for Redshift Serverless, you may set the utmost RPU hours used per day, per week, or per thirty days. As well as, you may take motion when the restrict is reached. Actions embrace: write a log entry to a system desk, obtain an alert, or flip off person queries.

Use the next command to first get the workgroup ARN:

aws redshift-serverless get-workgroup --workgroup-name 'cfn-blog-wg' 
--output textual content 
--query 'workgroup.workgroupArn'

The next screenshot exhibits our output.

Use the workgroupArn output from the previous command with the next command to set the every day RPU utilization restrict and set the motion habits to log:

aws redshift-serverless create-usage-limit 
--amount 256 
--breach-action log 
--period every day 
--resource-arn arn:aws:redshift-serverless:us-east-1:<aws-account-id>:workgroup/1dcdd402-8aeb-432e-8833-b1f78a112a93 
--usage-type serverless-compute

The next is an instance output.


You have got now realized the best way to automate administration operations on Redshift Serverless namespaces and workgroups utilizing AWS CloudFormation and the AWS CLI. To automate creation and administration of Amazon Redshift provisioned clusters, consult with Automate Amazon Redshift Cluster administration operations utilizing AWS CloudFormation.

Concerning the Authors

Ranjan Burman is a Analytics Specialist Options Architect at AWS. He focuses on Amazon Redshift and helps clients construct scalable analytical options. He has greater than 15 years of expertise in several database and knowledge warehousing applied sciences. He’s captivated with automating and fixing buyer issues with the usage of cloud options.

Satesh Sonti is a Sr. Analytics Specialist Options Architect primarily based out of Atlanta, specialised in constructing enterprise knowledge platforms, knowledge warehousing, and analytics options. He has over 16 years of expertise in constructing knowledge property and main complicated knowledge platform applications for banking and insurance coverage purchasers throughout the globe.

Urvish Shah is a Senior Database Engineer at Amazon Redshift. He has greater than a decade of expertise engaged on databases, knowledge warehousing and in analytics house. Exterior of labor, he enjoys cooking, travelling and spending time along with his daughter.