Skip to main content

Connect to Amazon Redshift

Learn how to connect your Amazon Redshift database to Retool.

You can connect to Amazon Redshift and make it available as a resource in Retool. Once complete, your users can write queries that interact with Amazon Redshift data.

Requirements and settings

The following requirements for a Amazon Redshift resource depend on whether you are creating a resource on a cloud-hosted Retool organization or a self-hosted deployment.

Requirements for cloud-hosted Retool

The following requirements must be met to successfully create Amazon Redshift resources.

RequirementDescription
Sufficient user permissions to create resources

All users for Retool organizations on Free or Team plans have global Edit permissions and can add, edit, and remove resources. If your organization manages user permissions for resources, you must be a member of a group with Edit all permissions.

Resource configuration settings

You must be able to provide the settings needed to create a resource. This may require you to perform actions, such as generating access credentials or creating a client application.

Resource authentication settings

You must have access to the data source and sufficient permissions to perform the actions needed, and be able to provide valid authentication settings.

Allow Retool access to the data source

If the data source is behind a firewall or restricts access based on IP address then you must ensure that your Retool organization can access it. If necessary, configure your data source to allow access from Retool's IP addresses.

Configuration settings for cloud-hosted Retool

Cloud-hosted Retool organizations support the following configuration settings.

SettingDescription
Host

The host server address.

Port

The host server connection port.

Database name

The name of the database to use.

Cloud-hosted Retool organizations can also optionally configure the following advanced options.

SettingDescription
Override default outbound Retool region

Specify a different outbound region from which Retool connects. This can improve performance if your resource is located in a different region to us-west-2.

Disable converting queries to prepared statements

Whether to disable SQL injection protection that allows dynamically generated SQL using JavaScript.

Show write GUI mode only

Whether to prevent users from writing raw SQL statements.

Enable SSH tunnel

Whether to enable SSH tunneling.

Authentication settings for cloud-hosted Retool

Cloud-hosted Retool organizations can authenticate with this resource using the following methods. You must be able to provide the necessary credentials for the method you wish to use.

Username and password

Authentication is performed using the provided username and password.

SettingDescription
Username

The username with which to authenticate.

Password

The password with which to authenticate.

AWS IAM

Authentication is performed using AWS identity and access management (IAM) access keys for which you provide details.

SettingDescription
Database username

The username with which to authenticate.

Region

The AWS region with which to connect. This is often part of the base URL.

Access key ID

The access key ID with which to authenticate.

Secret key ID

The secret key ID with which to authenticate.

Role to assume (ARN)

A different role with which to access the API.

SSL/TLS validation

SSL/TLS strongly recommended

Retool strongly recommends enabling SSL/TLS certificate validation whenever it's available. This ensures the connection is secure and prevents attackers from using invalid server certificates to gain access to your data.

Some resources support or require SSL/TLS validation. If needed, provide the following information to configure SSL.

SettingDescription
CA CertThe CA certificate.
Client keyThe client key.
Client certThe client certificate.

Refer to the data source's documentation to learn more about connecting with SSL.

1. Create a resource

Sign in to your Retool organization and navigate to the Resources tab. Click Create new > Resource, then select Amazon Redshift.

2. Configure the resource

Specify a name and location for your Amazon Redshift resource. Retool displays the resource name and type in query editors to help users identify them. Next, provide the required information to create the resource. Depending on how your data source is configured, you may also need to provide optional settings for Retool to connect.

3. Test the connection

Click Test Connection to verify that Retool can successfully connect to Amazon Redshift. If the test fails, check the resource settings and try again.

Testing only verifies connection

Testing a connection only checks whether Retool can successfully connect to the resource. It cannot check whether the provided credentials have sufficient privileges or can perform every supported action.

4. Save the resource

Click Create resource to complete the setup. You can then click either Create app to immediately start building a Retool app or Back to resources to return to the list of resources.

Wrap up

Your Amazon Redshift resource is now ready to use. To start querying Amazon Redshift data:

  1. Add a Resource query to an app or a Resource query block to a workflow.
  2. Select the new Amazon Redshift resource from the resources dropdown.
  3. Write and run a query.