Skip to main content

Setting general connection parameters

This section describes how to configure general connection properties. For an explanation of how to configure advanced connection properties, see Setting advanced connection properties.

To add an Amazon Redshift Target to Qlik Replicate:

  1. In the Qlik Replicate Console, click Manage Endpoint Connections to open the Manage Endpoints Connections dialog box.
  2. In the Manage Endpoint Connections dialog box, click New Endpoint Connection.
  3. In the Name field, type a name for your Amazon Redshift data warehouse [service]. This can be any name that will help to identify your Amazon Redshift database.
  4. Optionally, in the Description field, type a description that helps to identify the Amazon Redshift target database.
  5. Select Target as the role.

  6. Select Amazon Redshift as the Type.
  7. Enter the following Amazon Redshift target information:

    • Redshift cluster: Type the name of the Amazon Redshift cluster you are using.
    • Port: Type the port number for Amazon Redshift.
    • User name: Type an Amazon Redshift user name for a registered user.
    • Password: Type the password for the user entered in the User name field.
    • Database name: Type the database name or select one from the list of available Amazon Redshift data warehouse [services].

    The information for these properties is available from the account page for Amazon Web Services (AWS) with the Amazon Redshift cluster. If you do not have these values, refer to your AWS account or the Amazon Redshift System Administrator for your enterprise.

  8. Enter the following Amazon S3 staging information. You may need to click the Amazon S3 staging header to see the information.

    • Bucket name: Type the name of the Amazon S3 bucket where you are copying files to.
    • Bucket region:

      The region where your bucket is located. It is recommended to leave the default (Auto-Detect) as it usually eliminates the need to select a specific region. However, due to security considerations, for some regions (for example, AWS GovCloud) you might need to explicitly select the region. If the region you require does not appear in the regions list, select Other and set the code using the regionCode internal parameter in the endpoint’s Advanced tab.

      For a list of region codes, see the Region availability section in:

      https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html

    • Use AWS PrivateLink: Select this to connect to an Amazon VPC and then specify the VPC Endpoint URL (for example, https://bucket.vpce-1a2b3c4d-5e6f.s3.us-east-1.vpce.amazonaws.com).

    • Access options: Choose one of the following:

      • Key pair

        Choose this method to authenticate with your Access Key and Secret Key.

        When this option is selected, specify the following:

        • Access key: Type the access key information for Amazon S3.
        • Secret key: Type the secret key information for Amazon S3.
      • IAM Roles for EC2:

        Choose this method if the machine on which Qlik Replicate is installed is configured to authenticate itself using an IAM role.

        For more information about this access option, see:

        http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html

      • Security Token Service (STS)

        Choose this method to authenticate using SAML 2.0 with Active Directory Federation Services.

        When this option is selected, specify the following:

        • ADFS URL: The URL to an Active Directory Federation Services page, responsible for returning a SAML claims document to be sent over to AWS.
        • AD principal name: The principal (user) name to use when identifying against ADFS.

          The format should be: user.name@domain

        • AD principal password: The principal password to use when identifying against ADFS
        • IdP ARN: The Amazon Resource Name (ARN) of the Active Directory issuing the SAML claims document. This is required as it enables AWS to identify the signer of the SAML document and verify its signature.
        • Role ARN: The Amazon Resource Name (ARN) of the specific role the returned credentials should be assigned.

        For more information about this access option, see:

        https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html

      • IAM Roles Anywhere

        IAM Roles Anywhere can be set up in the IAM Roles Anywhere console, via the AWS CLI, or using the AWS SDK. IAM Roles Anywhere allows you to use your private key infrastructure (PKI) to generate temporary credentials for accessing IAM roles from outside of AWS. This means you can securely access AWS resources from Replicate without having to manage long-term credentials.

        When this option is selected, specify the following:

        • Certificate file: Path to the Replicate public certificate in PEM format. This file needs to be signed with the CA certificate configured in the IAM Roles Anywhere console.
        • Private key file: Path to the Replicate private key file in PEM format.
        • Private key passphrase: The private key passphrase. Only required if the private key file is encrypted.
        • Trust anchor ARN: The ARN associated with the trust anchor you created in the IAM Roles Anywhere console. You establish trust between IAM Roles Anywhere and your certificate authority (CA) by creating a trust anchor. A trust anchor is a reference to either AWS Private CA or an external CA certificate. Your workloads outside of AWS authenticate with the trust anchor using certificates issued by the trusted CA in exchange for temporary AWS credentials.
        • Profile ARN: The ARN associated with the profile you created in the IAM Roles Anywhere console. To specify which roles IAM Roles Anywhere assumes and what your workloads can do with the temporary credentials, you create a profile. In a profile, you can define permissions with IAM managed policies to limit the permissions for a created session.
        • Role ARN: The ARN associated with the role you created in the IAM Roles Anywhere console. A role is an IAM identity that you create in your account with specific permissions. For IAM Roles Anywhere to be able to assume a role and deliver temporary AWS credentials, the role must trust the IAM Roles Anywhere service principal.

        For more information about IAM Roles Anywhere, see:

        Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere

    • Folder: The name of the Amazon S3 folder to where you want your files to be copied.

    The information for these properties is available from your Amazon Web Services (AWS) account. If you do not have these values, refer to your AWS account or the Amazon Redshift System Administrator for your enterprise

Information note
  • This information is case sensitive.
  • To determine if you are connected to the database you want to use or if the connection information you entered is correct, click Test Connection.

    If the connection is successful a message in green is displayed. If the connection fails, an error message is displayed at the bottom of the dialog box.

    To view the log entry if the connection fails, click View Log. The server log is displayed with the information for the connection failure. Note that this button is not available unless the test connection fails.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!