def _make_aws_credentials_obj_with_profile() -> AWSCredentialsProvider:
cred_provider: AWSCredentialsProvider = AWSCredentialsProvider()
rp: RedshiftProperty = RedshiftProperty()
profile_name: str = "myProfile"
rp.profile = profile_name
cred_provider.add_parameter(rp)
return cred_provider
def make_valid_azure_oauth2_provider(
) -> typing.Tuple[BrowserAzureOAuth2CredentialsProvider, RedshiftProperty]:
rp: RedshiftProperty = RedshiftProperty()
rp.idp_tenant = "my_idp_tenant"
rp.client_id = "my_client_id"
rp.scope = "my_scope"
rp.idp_response_timeout = 900
rp.listen_port = 1099
cp: BrowserAzureOAuth2CredentialsProvider = BrowserAzureOAuth2CredentialsProvider(
)
cp.add_parameter(rp)
return cp, rp
def read_auth_profile(
auth_profile: str,
iam_access_key_id: str,
iam_secret_key: str,
iam_session_token: typing.Optional[str],
info: RedshiftProperty,
) -> RedshiftProperty:
import json
import boto3
from botocore.exceptions import ClientError
# 1st phase - authenticate with boto3 client for Amazon Redshift via IAM
# credentials provided by end user
creds: typing.Dict[str, str] = {
"aws_access_key_id": iam_access_key_id,
"aws_secret_access_key": iam_secret_key,
"region_name": typing.cast(str, info.region),
}
for opt_key, opt_val in (
("aws_session_token", iam_session_token),
("endpoint_url", info.endpoint_url),
):
if opt_val is not None and opt_val != "":
creds[opt_key] = opt_val
try:
_logger.debug("Initial authentication with boto3...")
client = boto3.client(service_name="redshift", **creds)
_logger.debug("Requesting authentication profiles")
# 2nd phase - request Amazon Redshift authentication profiles and record contents for retrieving
# temporary credentials for the Amazon Redshift cluster specified by end user
response = client.describe_authentication_profiles(
AuthenticationProfileName=auth_profile)
except ClientError:
raise InterfaceError(
"Unable to retrieve contents of Redshift authentication profile from server"
)
_logger.debug("Received {} authentication profiles".format(
len(response["AuthenticationProfiles"])))
# the first matching authentication profile will be used
profile_content: typing.Union[str] = response[
"AuthenticationProfiles"][0]["AuthenticationProfileContent"]
try:
profile_content_dict: typing.Dict = json.loads(profile_content)
return RedshiftProperty(**profile_content_dict)
except ValueError:
raise ProgrammingError(
"Unable to decode the JSON content of the Redshift authentication profile: {}"
.format(auth_profile))
def _make_aws_credentials_obj_with_credentials() -> AWSCredentialsProvider:
cred_provider: AWSCredentialsProvider = AWSCredentialsProvider()
rp: RedshiftProperty = RedshiftProperty()
access_key_id: str = "my_access"
secret_key: str = "my_secret"
session_token: str = "my_session"
rp.access_key_id = access_key_id
rp.secret_access_key = secret_key
rp.session_token = session_token
cred_provider.add_parameter(rp)
return cred_provider
def connect(
user: str,
database: str,
password: str,
port: int = 5439,
host: str = "localhost",
source_address: typing.Optional[str] = None,
unix_sock: typing.Optional[str] = None,
ssl: bool = True,
sslmode: str = "verify-ca",
timeout: typing.Optional[int] = None,
max_prepared_statements: int = 1000,
tcp_keepalive: bool = True,
application_name: typing.Optional[str] = None,
replication: typing.Optional[str] = None,
idp_host: typing.Optional[str] = None,
db_user: typing.Optional[str] = None,
app_id: typing.Optional[str] = None,
app_name: str = "amazon_aws_redshift",
preferred_role: typing.Optional[str] = None,
principal_arn: typing.Optional[str] = None,
credentials_provider: typing.Optional[str] = None,
region: typing.Optional[str] = None,
cluster_identifier: typing.Optional[str] = None,
iam: bool = False,
client_id: typing.Optional[str] = None,
idp_tenant: typing.Optional[str] = None,
client_secret: typing.Optional[str] = None,
partner_sp_id: typing.Optional[str] = None,
idp_response_timeout: int = 120,
listen_port: int = 7890,
login_url: typing.Optional[str] = None,
auto_create: bool = False,
db_groups: typing.List[str] = list(),
force_lowercase: bool = False,
allow_db_user_override: bool = False,
client_protocol_version: int = DEFAULT_PROTOCOL_VERSION,
database_metadata_current_db_only: bool = True,
ssl_insecure: typing.Optional[bool] = None,
) -> Connection:
info: RedshiftProperty = RedshiftProperty()
set_iam_properties(
info,
user=user,
host=host,
database=database,
port=port,
password=password,
source_address=source_address,
unix_sock=unix_sock,
ssl=ssl,
sslmode=sslmode,
timeout=timeout,
max_prepared_statements=max_prepared_statements,
tcp_keepalive=tcp_keepalive,
application_name=application_name,
replication=replication,
idp_host=idp_host,
db_user=db_user,
app_id=app_id,
app_name=app_name,
preferred_role=preferred_role,
principal_arn=principal_arn,
credentials_provider=credentials_provider,
region=region,
cluster_identifier=cluster_identifier,
iam=iam,
client_id=client_id,
idp_tenant=idp_tenant,
client_secret=client_secret,
partner_sp_id=partner_sp_id,
idp_response_timeout=idp_response_timeout,
listen_port=listen_port,
login_url=login_url,
auto_create=auto_create,
db_groups=db_groups,
force_lowercase=force_lowercase,
allow_db_user_override=allow_db_user_override,
client_protocol_version=client_protocol_version,
database_metadata_current_db_only=database_metadata_current_db_only,
ssl_insecure=ssl_insecure,
)
return Connection(
user=info.user_name,
host=info.host,
database=info.db_name,
port=info.port,
password=info.password,
source_address=info.source_address,
unix_sock=info.unix_sock,
ssl=info.ssl,
sslmode=info.sslmode,
timeout=info.timeout,
max_prepared_statements=info.max_prepared_statements,
tcp_keepalive=info.tcp_keepalive,
application_name=info.application_name,
replication=info.replication,
client_protocol_version=info.client_protocol_version,
database_metadata_current_db_only=database_metadata_current_db_only,
)
def connect(
user: typing.Optional[str] = None,
database: typing.Optional[str] = None,
password: typing.Optional[str] = None,
port: typing.Optional[int] = None,
host: typing.Optional[str] = None,
source_address: typing.Optional[str] = None,
unix_sock: typing.Optional[str] = None,
ssl: typing.Optional[bool] = None,
sslmode: typing.Optional[str] = None,
timeout: typing.Optional[int] = None,
max_prepared_statements: typing.Optional[int] = None,
tcp_keepalive: typing.Optional[bool] = None,
application_name: typing.Optional[str] = None,
replication: typing.Optional[str] = None,
idp_host: typing.Optional[str] = None,
db_user: typing.Optional[str] = None,
app_id: typing.Optional[str] = None,
app_name: typing.Optional[str] = None,
preferred_role: typing.Optional[str] = None,
principal_arn: typing.Optional[str] = None,
access_key_id: typing.Optional[str] = None,
secret_access_key: typing.Optional[str] = None,
session_token: typing.Optional[str] = None,
profile: typing.Optional[str] = None,
credentials_provider: typing.Optional[str] = None,
region: typing.Optional[str] = None,
cluster_identifier: typing.Optional[str] = None,
iam: typing.Optional[bool] = None,
client_id: typing.Optional[str] = None,
idp_tenant: typing.Optional[str] = None,
client_secret: typing.Optional[str] = None,
partner_sp_id: typing.Optional[str] = None,
idp_response_timeout: typing.Optional[int] = None,
listen_port: typing.Optional[int] = None,
login_url: typing.Optional[str] = None,
auto_create: typing.Optional[bool] = None,
db_groups: typing.Optional[typing.List[str]] = None,
force_lowercase: typing.Optional[bool] = None,
allow_db_user_override: typing.Optional[bool] = None,
client_protocol_version: typing.Optional[int] = None,
database_metadata_current_db_only: typing.Optional[bool] = None,
ssl_insecure: typing.Optional[bool] = None,
web_identity_token: typing.Optional[str] = None,
role_session_name: typing.Optional[str] = None,
role_arn: typing.Optional[str] = None,
iam_disable_cache: typing.Optional[bool] = None,
auth_profile: typing.Optional[str] = None,
endpoint_url: typing.Optional[str] = None,
provider_name: typing.Optional[str] = None,
scope: typing.Optional[str] = None,
) -> Connection:
"""
Establishes a :class:`Connection` to an Amazon Redshift cluster. This function validates user input, optionally authenticates using an identity provider plugin, then constructs a :class:`Connection` object.
Parameters
----------
user : Optional[str]
The username to use for authentication with the Amazon Redshift cluster.
password : Optional[str]
The password to use for authentication with the Amazon Redshift cluster.
database : Optional[str]
The name of the database instance to connect to.
host : Optional[str]
The hostname of the Amazon Redshift cluster.
port : Optional[int]
The port number of the Amazon Redshift cluster. Default value is 5439.
source_address : typing.Optional[str]
unix_sock : Optional[str]
ssl : Optional[bool]
Is SSL enabled. Default value is ``True``. SSL must be enabled when authenticating using IAM.
sslmode : Optional[str]
The security of the connection to the Amazon Redshift cluster. 'verify-ca' and 'verify-full' are supported.
timeout : Optional[int]
The number of seconds before the connection to the server will timeout. By default there is no timeout.
max_prepared_statements : Optional[int]
tcp_keepalive : Optional[bool]
Is `TCP keepalive <https://en.wikipedia.org/wiki/Keepalive#TCP_keepalive>`_ used. The default value is ``True``.
application_name : Optional[str]
Sets the application name. The default value is None.
replication : Optional[str]
Used to run in `streaming replication mode <https://www.postgresql.org/docs/12/protocol-replication.html>`_.
idp_host : Optional[str]
The hostname of the IdP.
db_user : Optional[str]
The user ID to use with Amazon Redshift
app_id : Optional[str]
app_name : Optional[str]
The name of the identity provider (IdP) application used for authentication.
preferred_role : Optional[str]
The IAM role preferred for the current connection.
principal_arn : Optional[str]
The ARN of the IAM entity (user or role) for which you are generating a policy.
credentials_provider : Optional[str]
The class name of the IdP that will be used for authenticating with the Amazon Redshift cluster.
region : Optional[str]
The AWS region where the Amazon Redshift cluster is located.
cluster_identifier : Optional[str]
The cluster identifier of the Amazon Redshift cluster.
iam : Optional[bool]
If IAM authentication is enabled. Default value is False. IAM must be True when authenticating using an IdP.
client_id : Optional[str]
The client id from Azure IdP.
idp_tenant : Optional[str]
The IdP tenant.
client_secret : Optional[str]
The client secret from Azure IdP.
partner_sp_id : Optional[str]
The Partner SP Id used for authentication with Ping.
idp_response_timeout : Optional[int]
The timeout for retrieving SAML assertion from IdP. Default value is `120`.
listen_port : Optional[int]
The listen port the IdP will send the SAML assertion to. Default value is `7890`.
login_url : Optional[str]
The SSO url for the IdP.
auto_create : Optional[bool]
Indicates whether the user should be created if they do not exist. Default value is `False`.
db_groups : Optional[str]
A comma-separated list of existing database group names that the `db_user` joins for the current session.
force_lowercase : Optional[bool]
allow_db_user_override : Optional[bool]
Specifies if the driver uses the `db_user` value from the SAML assertion. TDefault value is `False`.
client_protocol_version : Optional[int]
The requested server protocol version. The default value is 2 representing `BINARY`. If the requested server protocol cannot be satisfied a warning will be displayed to the user and the driver will default to the highest supported protocol. See `ClientProtocolVersion` for more details.
database_metadata_current_db_only : Optional[bool]
Is `datashare <https://docs.aws.amazon.com/redshift/latest/dg/datashare-overview.html>`_ disabled. Default value is True, implying datasharing will not be used.
ssl_insecure : Optional[bool]
Specifies if IdP host's server certificate will be verified. Default value is True
web_identity_token: Optional[str]
A web identity token used for authentication with JWT.
role_session_name: Optional[str]
An identifier for the assumed role session used for authentication with JWT.
role_arn: Optional[str]
The role ARN used for authentication with JWT. This parameter is required when using a JWTCredentialsProvider.
iam_disable_cache: Optional[bool]
This option specifies whether the IAM credentials are cached. By default caching is enabled.
auth_profile: Optional[str]
The name of an Amazon Redshift Authentication profile having connection properties as JSON. See :class:RedshiftProperty to learn how connection properties should be named.
endpoint_url: Optional[str]
The Amazon Redshift endpoint url. This option is only used by AWS internal teams.
provider_name: Optional[str]
The name of the Redshift Native Auth Provider.
scope: Optional[str]
Scope for BrowserAzureOauth2CredentialsProvider authentication.
Returns
-------
A Connection object associated with the specified Amazon Redshift cluster: :class:`Connection`
"""
info: RedshiftProperty = RedshiftProperty()
info.put("access_key_id", access_key_id)
info.put("allow_db_user_override", allow_db_user_override)
info.put("app_id", app_id)
info.put("app_name", app_name)
info.put("application_name", application_name)
info.put("auth_profile", auth_profile)
info.put("auto_create", auto_create)
info.put("client_id", client_id)
info.put("client_protocol_version", client_protocol_version)
info.put("client_secret", client_secret)
info.put("cluster_identifier", cluster_identifier)
info.put("credentials_provider", credentials_provider)
info.put("database_metadata_current_db_only",
database_metadata_current_db_only)
info.put("db_groups", db_groups)
info.put("db_name", database)
info.put("db_user", db_user)
info.put("endpoint_url", endpoint_url)
info.put("force_lowercase", force_lowercase)
info.put("host", host)
info.put("iam", iam)
info.put("iam_disable_cache", iam_disable_cache)
info.put("idp_host", idp_host)
info.put("idp_response_timeout", idp_response_timeout)
info.put("idp_tenant", idp_tenant)
info.put("listen_port", listen_port)
info.put("login_url", login_url)
info.put("max_prepared_statements", max_prepared_statements)
info.put("partner_sp_id", partner_sp_id)
info.put("password", password)
info.put("port", port)
info.put("preferred_role", preferred_role)
info.put("principal", principal_arn)
info.put("profile", profile)
info.put("provider_name", provider_name)
info.put("region", region)
info.put("replication", replication)
info.put("role_arn", role_arn)
info.put("role_session_name", role_session_name)
info.put("scope", scope)
info.put("secret_access_key", secret_access_key)
info.put("session_token", session_token)
info.put("source_address", source_address)
info.put("ssl", ssl)
info.put("ssl_insecure", ssl_insecure)
info.put("sslmode", sslmode)
info.put("tcp_keepalive", tcp_keepalive)
info.put("timeout", timeout)
info.put("unix_sock", unix_sock)
info.put("user_name", user)
info.put("web_identity_token", web_identity_token)
_logger.debug(make_divider_block())
_logger.debug("User provided connection arguments")
_logger.debug(make_divider_block())
_logger.debug(mask_secure_info_in_props(info).__str__())
_logger.debug(make_divider_block())
if (info.ssl is False) and (info.iam is True):
raise InterfaceError(
"Invalid connection property setting. SSL must be enabled when using IAM"
)
if (info.iam is False) and (info.ssl_insecure is False):
raise InterfaceError(
"Invalid connection property setting. IAM must be enabled when using ssl_insecure"
)
if info.client_protocol_version not in ClientProtocolVersion.list():
raise InterfaceError(
"Invalid connection property setting. client_protocol_version must be in: {}"
.format(ClientProtocolVersion.list()))
redshift_native_auth: bool = False
if info.iam:
if info.credentials_provider == "BasicJwtCredentialsProvider":
redshift_native_auth = True
_logger.debug("redshift_native_auth enabled")
if not redshift_native_auth:
IamHelper.set_iam_properties(info)
_logger.debug(make_divider_block())
_logger.debug(
"Connection arguments following validation and IAM auth (if applicable)"
)
_logger.debug(make_divider_block())
_logger.debug(mask_secure_info_in_props(info).__str__())
_logger.debug(make_divider_block())
return Connection(
user=info.user_name,
host=info.host,
database=info.db_name,
port=info.port,
password=info.password,
source_address=info.source_address,
unix_sock=info.unix_sock,
ssl=info.ssl,
sslmode=info.sslmode,
timeout=info.timeout,
max_prepared_statements=info.max_prepared_statements,
tcp_keepalive=info.tcp_keepalive,
application_name=info.application_name,
replication=info.replication,
client_protocol_version=info.client_protocol_version,
database_metadata_current_db_only=info.
database_metadata_current_db_only,
credentials_provider=info.credentials_provider,
provider_name=info.provider_name,
web_identity_token=info.web_identity_token,
)
def connect(
user: str,
database: str,
password: str,
port: int = 5439,
host: str = "localhost",
source_address: typing.Optional[str] = None,
unix_sock: typing.Optional[str] = None,
ssl: bool = True,
sslmode: str = "verify-ca",
timeout: typing.Optional[int] = None,
max_prepared_statements: int = 1000,
tcp_keepalive: bool = True,
application_name: typing.Optional[str] = None,
replication: typing.Optional[str] = None,
idp_host: typing.Optional[str] = None,
db_user: typing.Optional[str] = None,
app_id: typing.Optional[str] = None,
app_name: str = "amazon_aws_redshift",
preferred_role: typing.Optional[str] = None,
principal_arn: typing.Optional[str] = None,
credentials_provider: typing.Optional[str] = None,
region: typing.Optional[str] = None,
cluster_identifier: typing.Optional[str] = None,
iam: bool = False,
client_id: typing.Optional[str] = None,
idp_tenant: typing.Optional[str] = None,
client_secret: typing.Optional[str] = None,
partner_sp_id: typing.Optional[str] = None,
idp_response_timeout: int = 120,
listen_port: int = 7890,
login_url: typing.Optional[str] = None,
auto_create: bool = False,
db_groups: typing.Optional[typing.List[str]] = None,
force_lowercase: bool = False,
allow_db_user_override: bool = False,
log_level: int = 0,
log_path: str = log_path,
) -> Connection:
FORMAT_TO_USE: str = "%(levelname)s|%(asctime)s|%(name)s|%(filename)s|" "%(funcName)s|%(lineno)d: %(message)s"
log_level_dic: typing.Dict[int, int] = {
0: logging.CRITICAL,
1: logging.ERROR,
2: logging.WARN,
3: logging.INFO,
4: logging.DEBUG,
}
logging.basicConfig(filename=log_path,
filemode="w",
format=FORMAT_TO_USE,
level=logging.INFO)
logging.disable(log_level_dic[log_level])
info: RedshiftProperty = RedshiftProperty()
set_iam_properties(
info,
user=user,
host=host,
database=database,
port=port,
password=password,
source_address=source_address,
unix_sock=unix_sock,
ssl=ssl,
sslmode=sslmode,
timeout=timeout,
max_prepared_statements=max_prepared_statements,
tcp_keepalive=tcp_keepalive,
application_name=application_name,
replication=replication,
idp_host=idp_host,
db_user=db_user,
app_id=app_id,
app_name=app_name,
preferred_role=preferred_role,
principal_arn=principal_arn,
credentials_provider=credentials_provider,
region=region,
cluster_identifier=cluster_identifier,
iam=iam,
client_id=client_id,
idp_tenant=idp_tenant,
client_secret=client_secret,
partner_sp_id=partner_sp_id,
idp_response_timeout=idp_response_timeout,
listen_port=listen_port,
login_url=login_url,
auto_create=auto_create,
db_groups=db_groups,
force_lowercase=force_lowercase,
allow_db_user_override=allow_db_user_override,
)
return Connection(
user=info.user_name,
host=info.host,
database=info.db_name,
port=info.port,
password=info.password,
source_address=info.source_address,
unix_sock=info.unix_sock,
ssl=info.ssl,
sslmode=info.sslmode,
timeout=info.timeout,
max_prepared_statements=info.max_prepared_statements,
tcp_keepalive=info.tcp_keepalive,
application_name=info.application_name,
replication=info.replication,
)
def connect(
user: str,
database: str,
password: str,
port: int = 5439,
host: str = "localhost",
source_address: typing.Optional[str] = None,
unix_sock: typing.Optional[str] = None,
ssl: bool = True,
sslmode: str = "verify-ca",
timeout: typing.Optional[int] = None,
max_prepared_statements: int = 1000,
tcp_keepalive: bool = True,
application_name: typing.Optional[str] = None,
replication: typing.Optional[str] = None,
idp_host: typing.Optional[str] = None,
db_user: typing.Optional[str] = None,
app_id: typing.Optional[str] = None,
app_name: str = "amazon_aws_redshift",
preferred_role: typing.Optional[str] = None,
principal_arn: typing.Optional[str] = None,
access_key_id: typing.Optional[str] = None,
secret_access_key: typing.Optional[str] = None,
session_token: typing.Optional[str] = None,
profile: typing.Optional[str] = None,
credentials_provider: typing.Optional[str] = None,
region: typing.Optional[str] = None,
cluster_identifier: typing.Optional[str] = None,
iam: bool = False,
client_id: typing.Optional[str] = None,
idp_tenant: typing.Optional[str] = None,
client_secret: typing.Optional[str] = None,
partner_sp_id: typing.Optional[str] = None,
idp_response_timeout: int = 120,
listen_port: int = 7890,
login_url: typing.Optional[str] = None,
auto_create: bool = False,
db_groups: typing.List[str] = list(),
force_lowercase: bool = False,
allow_db_user_override: bool = False,
client_protocol_version: int = DEFAULT_PROTOCOL_VERSION,
database_metadata_current_db_only: bool = True,
ssl_insecure: typing.Optional[bool] = None,
web_identity_token: typing.Optional[str] = None,
role_session_name: typing.Optional[str] = None,
role_arn: typing.Optional[str] = None,
) -> Connection:
"""
Establishes a :class:`Connection` to an Amazon Redshift cluster. This function validates user input, optionally authenticates using an identity provider plugin, then constructs a :class:`Connection` object.
Parameters
----------
user : str
The username to use for authentication with the Amazon Redshift cluster.
password : str
The password to use for authentication with the Amazon Redshift cluster.
database : str
The name of the database instance to connect to.
host : str
The hostname of the Amazon Redshift cluster.
port : int
The port number of the Amazon Redshift cluster. Default value is 5439.
source_address : typing.Optional[str]
unix_sock : Optional[str]
ssl : bool
Is SSL enabled. Default value is ``True``. SSL must be enabled when authenticating using IAM.
sslmode : str
The security of the connection to the Amazon Redshift cluster. 'verify-ca' and 'verify-full' are supported.
timeout : Optional[int]
The number of seconds before the connection to the server will timeout. By default there is no timeout.
max_prepared_statements : int
tcp_keepalive : Optional[bool]
Is `TCP keepalive <https://en.wikipedia.org/wiki/Keepalive#TCP_keepalive>`_ used. The default value is ``True``.
application_name : Optional[str]
Sets the application name. The default value is None.
replication : Optional[str]
Used to run in `streaming replication mode <https://www.postgresql.org/docs/12/protocol-replication.html>`_.
idp_host : Optional[str]
The hostname of the IdP.
db_user : str
The user ID to use with Amazon Redshift
app_id : Optional[str]
app_name : str
The name of the identity provider (IdP) application used for authentication.
preferred_role : str
The IAM role preferred for the current connection.
principal_arn : Optional[str]
credentials_provider : str
The class name of the IdP that will be used for authenticating with the Amazon Redshift cluster.
region : str
The AWS region where the Amazon Redshift cluster is located.
cluster_identifier : str
The cluster identifier of the Amazon Redshift cluster.
iam : bool
If IAM authentication is enabled. Default value is False. IAM must be True when authenticating using an IdP.
client_id : str
The client id from Azure IdP.
idp_tenant : str
The IdP tenant.
client_secret : str
The client secret from Azure IdP.
partner_sp_id : Optional[str]
idp_response_timeout : int
The timeout for retrieving SAML assertion from IdP. Default value is `120`.
listen_port : int
The listen port the IdP will send the SAML assertion to. Default value is `7890`.
login_url : str
The SSO url for the IdP.
auto_create :bool
Indicates whether the user should be created if they do not exist. Default value is `False`.
db_groups : str
A comma-separated list of existing database group names that the `db_user` joins for the current session.
force_lowercase :
allow_db_user_override : bool
Specifies if the driver uses the `db_user` value from the SAML assertion. TDefault value is `False`.
client_protocol_version : int
The requested server protocol version. The default value is 1 representing `EXTENDED_RESULT_METADATA`. If the requested server protocol cannot be satisfied, a warning will be displayed to the user.
database_metadata_current_db_only : bool
Is `datashare <https://docs.aws.amazon.com/redshift/latest/dg/datashare-overview.html>`_ disabled. Default value is True, implying datasharing will not be used.
ssl_insecure : bool
Specifies if IdP host's server certificate will be verified. Default value is True
Returns
-------
A Connection object associated with the specified Amazon Redshift cluster: :class:`Connection`
"""
info: RedshiftProperty = RedshiftProperty()
IamHelper.set_iam_properties(
info,
user=user,
host=host,
database=database,
port=port,
password=password,
source_address=source_address,
unix_sock=unix_sock,
ssl=ssl,
sslmode=sslmode,
timeout=timeout,
max_prepared_statements=max_prepared_statements,
tcp_keepalive=tcp_keepalive,
application_name=application_name,
replication=replication,
idp_host=idp_host,
db_user=db_user,
app_id=app_id,
app_name=app_name,
preferred_role=preferred_role,
principal_arn=principal_arn,
access_key_id=access_key_id,
secret_access_key=secret_access_key,
session_token=session_token,
profile=profile,
credentials_provider=credentials_provider,
region=region,
cluster_identifier=cluster_identifier,
iam=iam,
client_id=client_id,
idp_tenant=idp_tenant,
client_secret=client_secret,
partner_sp_id=partner_sp_id,
idp_response_timeout=idp_response_timeout,
listen_port=listen_port,
login_url=login_url,
auto_create=auto_create,
db_groups=db_groups,
force_lowercase=force_lowercase,
allow_db_user_override=allow_db_user_override,
client_protocol_version=client_protocol_version,
database_metadata_current_db_only=database_metadata_current_db_only,
ssl_insecure=ssl_insecure,
web_identity_token=web_identity_token,
role_session_name=role_session_name,
role_arn=role_arn,
)
return Connection(
user=info.user_name,
host=info.host,
database=info.db_name,
port=info.port,
password=info.password,
source_address=info.source_address,
unix_sock=info.unix_sock,
ssl=info.ssl,
sslmode=info.sslmode,
timeout=info.timeout,
max_prepared_statements=info.max_prepared_statements,
tcp_keepalive=info.tcp_keepalive,
application_name=info.application_name,
replication=info.replication,
client_protocol_version=info.client_protocol_version,
database_metadata_current_db_only=database_metadata_current_db_only,
)