Starburst Redshift connector#

The Starburst Redshift connector is an extended version of the Redshift connector. It can be used to connect and query Redshift databases. Configuration and usage is identical.
The following improvements are included:
Requirements#
Fulfill the Redshift connector requirements.
Additional features of the connector require a valid Starburst Enterprise license, unless otherwise noted.
Configuration#
The Starburst Redshift connector supports all configuration options available for the base Redshift connector.
To configure a Redshift catalog, create a catalog properties file in
etc/catalog
named, for example, example.properties
. The following
is a minimal configuration for a Redshift catalog properties file:
connector.name=redshift
connection-url=jdbc:redshift://example.net:5439/database
connection-user=redshift_username
connection-password=redshift_password
The Starburst extension adds the following additional catalog configuration property:
Property name |
Description |
Default |
---|---|---|
|
Allow access to other databases in Redshift by including the database name in double quotes with the schema name: SELECT *
FROM catalog."database.schema".table
When enabled, |
false |
Type mapping#
Because SEP and Redshift each support types that the other does not, this connector modifies some types when reading or writing data.
Redshift to SEP type mapping#
This connector supports reading the following Redshift types and performs conversion to SEP types with the detailed mappings as shown in the following table.
Redshift database type |
SEP type |
Notes |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Redshift’s |
|
|
Redshift’s |
|
|
|
|
|
|
|
|
No other types are supported.
SEP to Redshift type mapping#
This connector supports writing the following SEP types and performs conversion to Redshift types with the detailed mappings as shown in the following table.
SEP type |
Redshift type |
Notes |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
For |
|
|
For |
|
|
For |
|
|
For |
|
|
For |
|
|
When no bound is given. |
|
|
|
|
|
|
|
|
No other types are supported.
Mapping datetime types#
Redshift’s TIME
and TIMESTAMP
types only support microsecond precision
(6 digits). When writing data with higher precision from SEP to Redshift,
the time is rounded to the nearest microsecond before being inserted.
SQL support#
The connector supports all of the SQL statements listed in the Redshift connector documentation.
When the redshift.database-prefix-for-schema.enabled
catalog configuration
property is enabled, the connector only supports globally available and read operation SQL
statements.
Performance#
The connector includes a number of performance improvements, detailed in the following sections.
Pushdown#
The connector supports pushdown for a number of operations:
Aggregate pushdown for the following functions:
count()
, alsocount(distinct x)
variance()
andvar_samp()
Cost-based join pushdown#
The connector supports cost-based Join pushdown to make intelligent decisions about whether to push down a join operation to the data source.
When cost-based join pushdown is enabled, the connector only pushes down join operations if the available Table statistics suggest that doing so improves performance. Note that if no table statistics are available, join operation pushdown does not occur to avoid a potential decrease in query performance.
The following table describes catalog configuration properties for join pushdown:
Property name |
Description |
Default value |
---|---|---|
|
Enable join pushdown. Equivalent catalog
session property is
|
|
|
Strategy used to evaluate whether join operations are pushed down. Set to
|
|
Table statistics#
The Redshift connector can use table and column statistics for cost based optimizations, to improve query processing performance based on the actual data in the data source.
The statistics are collected by Redshift and retrieved by the connector.
ANALYZE
may be run automatically depending on your Redshift configuration.
To manually collect statistics for a table, execute the following statement in
Redshift.
ANALYZE table_schema.table_name;
Refer to Redshift documentation for additional ANALYZE
options.
Dynamic filtering#
Dynamic filtering is enabled by default. It causes the connector to wait for dynamic filtering to complete before starting a JDBC query.
You can disable dynamic filtering by setting the dynamic-filtering.enabled
property in your catalog configuration file to false
.
Wait timeout#
By default, table scans on the connector are delayed up to 20 seconds until dynamic filters are collected from the build side of joins. Using a large timeout can potentially result in more detailed dynamic filters. However, it can also increase latency for some queries.
You can configure the dynamic-filtering.wait-timeout
property in your
catalog properties file:
dynamic-filtering.wait-timeout=1m
You can use the dynamic_filtering_wait_timeout
catalog session
property in a specific session:
SET SESSION example.dynamic_filtering_wait_timeout = 1s;
Compaction#
The maximum size of dynamic filter predicate, that is pushed down to the
connector during table scan for a column, is configured using the
domain-compaction-threshold
property in the catalog
properties file:
domain-compaction-threshold=100
You can use the domain_compaction_threshold
catalog
session property:
SET SESSION domain_compaction_threshold = 10;
By default, domain-compaction-threshold
is set to 32
.
When the dynamic predicate for a column exceeds this threshold, it is compacted
into a single range predicate.
For example, if the dynamic filter collected for a date column dt
on the
fact table selects more than 32 days, the filtering condition is simplified from
dt IN ('2020-01-10', '2020-01-12',..., '2020-05-30')
to dt BETWEEN
'2020-01-10' AND '2020-05-30'
. Using a large threshold can result in increased
table scan overhead due to a large IN
list getting pushed down to the data
source.
Metrics#
Metrics about dynamic filtering are reported in a JMX table for each catalog:
jmx.current."io.trino.plugin.jdbc:name=example,type=dynamicfilteringstats"
Metrics include information about the total number of dynamic filters, the number of completed dynamic filters, the number of available dynamic filters and the time spent waiting for dynamic filters.
Starburst Cached Views#
The connectors supports table scan redirection to improve performance and reduce load on the data source.
Security#
The connector includes a number of security-related features, detailed in the following sections.
User impersonation#
The connector supports user impersonation. Enable user impersonation in the catalog properties file:
redshift.impersonation.enabled=true
User impersonation in the Redshift connector is based on SET SESSION AUTHORIZATION command supported in Redshift.
Note
Running SET SESSION AUTHORIZATION
in Redshift requires the initial
connection user to be a superuser.
Password credential pass-through#
The connector supports password credential pass-through. To enable it, edit the catalog properties file to include the authentication type:
redshift.authentication.type=PASSWORD_PASS_THROUGH
For more information about configurations and limitations, see Password credential pass-through.
AWS IAM authentication#
The connector supports IAM authentication. This enhancement allows you to manage access control from SEP with IAM policies.
Configuration#
To enable IAM authentication, add the following configuration properties to the catalog configuration file:
redshift.authentication.type=AWS
aws.region-name=<AWS region>
This table describes the configuration properties for IAM authentication:
Property name |
Description |
---|---|
|
The name of the AWS region in which the Redshift instance is deployed. |
|
The access key of the principal to authenticate with for the token generator service. Used for fixed authentication, setting this property disables automatic authentication. |
|
The secret key of the principal to authenticate with for the token generator service. Used for fixed authentication, setting this property disables automatic authentication. |
|
(Optional) A session token for temporary credentials, such as credentials obtained from SSO. Used for fixed authentication, setting this property disables automatic authentication. |
Authentication#
By default the connector attempts to automatically obtain its authentication credentials from the environment. The default credential provider chain attempts to obtain credentials from the following sources, in order:
Environment variables:
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
, orAWS_ACCESS_KEY
andAWS_SECRET_KEY
.Java system properties:
aws.accessKeyId
andaws.secretKey
.Web identity token: credentials from the environment or container.
Credential profiles file: a profiles file at the default location (
~/.aws/credentials
) shared by all AWS SDKs and the AWS CLI.EC2 service credentials: credentials delivered through the Amazon EC2 container service, assuming the security manager has permission to access the value of the
AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
environment variable.Instance profile credentials: credentials delivered through the Amazon EC2 metadata service.
If the SEP cluster is running on an EC2 instance, these credentials most likely come from the metadata service.
Alternatively, you can set fixed credentials for authentication. This option disables the container’s automatic attempt to locate credentials. To use fixed credentials for authentication, set the following configuration properties:
aws.access-key=<access_key>
aws.secret-key=<secret_key>
# (Optional) You can use temporary credentials. For example, you can use temporary credentials from SSO
aws.session-token=<session_token>
Limitations#
The Redshift connector doesn’t push down queries with a
GROUP BY
andWHERE
clause on the same column for tables usingALL
orAUTO(ALL)
distribution styles due to a limitation in Redshift. You can work around this by changing the table to use anEVEN
orKEY
distribution style as described in the Redshift documentation about distribution styles.