{"id":111499,"date":"2023-07-25T16:23:00","date_gmt":"2023-07-25T13:23:00","guid":{"rendered":"https:\/\/elementor.com\/blog\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/"},"modified":"2025-12-01T13:17:47","modified_gmt":"2025-12-01T11:17:47","slug":"activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte","status":"publish","type":"post","link":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/","title":{"rendered":"Activation de l&rsquo;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)"},"content":{"rendered":"\n<p>Dans ce guide \u00e9tape par \u00e9tape, nous allons apprendre \u00e0 configurer l&rsquo;authentification SSO avec Redshift et <a class=\"wpil_keyword_link\" href=\"https:\/\/elementor.com\/blog\/cloud-hosting\/\" title=\"AWS\" data-wpil-keyword-link=\"linked\" data-wpil-monitor-id=\"7569\">AWS<\/a> IAM Identity Center afin d&rsquo;am\u00e9liorer la s\u00e9curit\u00e9 et de faciliter l&rsquo;acc\u00e8s des utilisateurs.<\/p>\n\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"751\" height=\"161\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Redshift-SSO.drawio.png\" alt=\"\" class=\"wp-image-85731\"\/><\/figure>\n\n<h3 class=\"wp-block-heading\" id=\"Used-Sources:\">Sources Utilis\u00e9es:<\/h3>\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/aws.amazon.com\/blogs\/big-data\/federated-authentication-to-amazon-redshift-using-aws-single-sign-on\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/aws.amazon.com\/blogs\/big-data\/federated-authentication-to-amazon-redshift-using-aws-single-sign-on\/<\/a><\/li><li><a href=\"https:\/\/aws.amazon.com\/blogs\/big-data\/amazon-redshift-identity-federation-with-multi-factor-authentication\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/aws.amazon.com\/blogs\/big-data\/amazon-redshift-identity-federation-with-multi-factor-authentication\/<\/a><\/li><\/ul>\n\n<h3 class=\"wp-block-heading\" id=\"Terms-Dictionary:\">Dictionnaire des Termes:<\/h3>\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><th class=\"has-text-align-left\" data-align=\"left\"><strong>Terme<\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong>Signification<\/strong><\/th><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Compte Identity Center<\/td><td class=\"has-text-align-left\" data-align=\"left\">Le compte o\u00f9 l&rsquo;IAM Identity Center est configur\u00e9.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Compte Redshift<\/td><td class=\"has-text-align-left\" data-align=\"left\">Le compte enfant du compte Identity Center qui contient le cluster Redshift auquel nous voulons nous connecter.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">IDP<\/td><td class=\"has-text-align-left\" data-align=\"left\">Fournisseur d&rsquo;Identit\u00e9<\/td><\/tr><\/tbody><\/table><\/figure>\n\n<h3 class=\"wp-block-heading\" id=\"What's-Redshift?\">Qu&rsquo;est-ce que Redshift?<\/h3>\n\n<p>AWS Redshift est un service d&rsquo;entrep\u00f4t de donn\u00e9es enti\u00e8rement g\u00e9r\u00e9 fourni par Amazon Web Services (AWS).<br\/>Il est con\u00e7u pour g\u00e9rer des charges de travail d&rsquo;analyse de donn\u00e9es \u00e0 grande \u00e9chelle et permet aux organisations d&rsquo;analyser de vastes quantit\u00e9s de donn\u00e9es rapidement et de mani\u00e8re rentable.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"What&#x2019;s-IAM-Identity-Center?\">Qu&rsquo;est-ce que IAM Identity Center?<\/h3>\n\n<p>IAM Identity Center fournit un endroit o\u00f9 vous pouvez cr\u00e9er ou connecter des utilisateurs de la main-d&rsquo;\u0153uvre et g\u00e9rer centralement leur acc\u00e8s \u00e0 tous leurs comptes et applications AWS.<br\/>Vous pouvez utiliser des autorisations multi-comptes pour attribuer \u00e0 vos utilisateurs de la main-d&rsquo;\u0153uvre l&rsquo;acc\u00e8s aux comptes AWS.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"Why-SSO?\">Pourquoi SSO?<\/h3>\n\n<p>SSO <strong>r\u00e9duit le nombre de surfaces d&rsquo;attaque <\/strong>parce que les utilisateurs ne se connectent qu&rsquo;une fois par jour et n&rsquo;utilisent qu&rsquo;un seul ensemble d&rsquo;identifiants.<br\/>R\u00e9duire la connexion \u00e0 un seul ensemble d&rsquo;identifiants am\u00e9liore la s\u00e9curit\u00e9 de l&rsquo;<a class=\"wpil_keyword_link\" href=\"https:\/\/elementor.com\/pages\/seo\/enterprise-wordpress-hosting\/\" title=\"entreprise\" data-wpil-keyword-link=\"linked\" data-wpil-monitor-id=\"1369\">entreprise<\/a>.\nLorsque les employ\u00e9s doivent utiliser des mots de passe distincts pour chaque application, ils ne le font g\u00e9n\u00e9ralement pas. <\/p>\n\n<h2 class=\"wp-block-heading\" id=\"Prerequisites\">Pr\u00e9requis<\/h2>\n\n<ol class=\"wp-block-list\"><li>IAM Identity Center pr\u00e9configur\u00e9 \u2192 <a href=\"https:\/\/docs.aws.amazon.com\/singlesignon\/latest\/userguide\/getting-started.html\" target=\"_blank\" rel=\"noreferrer noopener\">Commencer &#8211; AWS IAM Identity Center.<\/a><\/li><li>Cluster Redshift pr\u00e9configur\u00e9 avec un acc\u00e8s administratif.<\/li><li>Utilisateur et mot de passe de la source d&rsquo;identit\u00e9 (Okta, PingOne, etc.).<\/li><li>JetBrains DataGrip install\u00e9 (peut \u00eatre en version gratuite).<\/li><\/ol>\n\n<h2 class=\"wp-block-heading\" id=\"Step-by-Step:\">\u00c9tape par \u00c9tape:<\/h2>\n\n<h3 class=\"wp-block-heading\" id=\"Configure-Identity-Center-application\">Configurer l&rsquo;application Identity Center<\/h3>\n\n<p>Notre premi\u00e8re \u00e9tape sera de cr\u00e9er une nouvelle application AWS Identity Center <strong>dans le compte Identity Center <\/strong>pour \u00eatre utilis\u00e9e comme canal principal entre les utilisateurs et le cluster Redshift.<\/p>\n\n<ol class=\"wp-block-list\"><li>Dans le panneau lat\u00e9ral IAM Identity Center, cliquez sur \u201cApplications\u201d.<br\/><img decoding=\"async\" width=\"278\" height=\"71\" class=\"wp-image-85732\" style=\"width: 278px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.25.46.png\" alt=\"\"\/><br\/> <\/li><li>Dans le coin sup\u00e9rieur droit, cliquez sur \u201cAjouter une application\u201d.<br\/><img decoding=\"async\" width=\"1402\" height=\"152\" class=\"wp-image-85733\" style=\"width: 1402px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.27.18.png\" alt=\"\"\/><\/li><li>Cochez \u201cajouter une application SAML 2.0 personnalis\u00e9e\u201d et cliquez sur \u201cSuivant\u201d.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1057\" height=\"178\" class=\"wp-image-85734\" style=\"width: 1057px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.28.44.png\" alt=\"\"\/><\/li><li>D\u00e9finissez un nom d&rsquo;affichage appropri\u00e9, nous appellerons notre application \u201cRedshift-ReadOnly\u201d, car cette application sera utilis\u00e9e pour obtenir un acc\u00e8s en lecture seule aux donn\u00e9es du cluster.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"965\" height=\"201\" class=\"wp-image-85735\" style=\"width: 965px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.32.25.png\" alt=\"\"\/><\/li><li><a class=\"wpil_keyword_link\" href=\"https:\/\/elementor.com\/wordpress\/\" title=\"T&#xE9;l&#xE9;charger\" data-wpil-keyword-link=\"linked\" data-wpil-monitor-id=\"6136\">T\u00e9l\u00e9chargez<\/a> le fichier de m\u00e9tadonn\u00e9es SAML Identity Center, nous l&rsquo;utiliserons plus tard pour configurer notre application de compte Redshift.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"872\" height=\"420\" class=\"wp-image-85736\" style=\"width: 872px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.33.39.png\" alt=\"\"\/><br\/> <\/li><li>Copiez l&rsquo;URL de connexion de l&rsquo;application <a class=\"wpil_keyword_link\" href=\"https:\/\/elementor.com\/blog\/url\/\" title=\"URL\" data-wpil-keyword-link=\"linked\" data-wpil-monitor-id=\"7134\">URL<\/a> car nous en aurons besoin plus tard.<br\/><\/li><li>Ensuite, nous configurerons le <strong>SAML application ACS<\/strong> (aka Assertion Consumer Service).<br\/>En bref, ACS est l&#8217;emplacement o\u00f9 la r\u00e9ponse de l&rsquo;application SAML sera envoy\u00e9e.<br\/><br\/>Comme nous utiliserons le <strong>AWS Redshift JDBC driver<\/strong> pour nous connecter \u00e0 notre cluster Redshift, nous devrons d\u00e9finir l&rsquo;ACS de l&rsquo;application \u00e0 <code>http:\/\/localhost:7890\/redshift\/<\/code> &#8211; car le driver JDBC d\u00e9marre un serveur \u00e9coutant sur le port 7890 par d\u00e9faut.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"308\" height=\"74\" class=\"wp-image-85737\" style=\"width: 308px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.56.40.png\" alt=\"\"\/><img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/ab00f622-901e-48a6-af15-55b11fe407f4#media-blob-url=true&amp;id=a1039895-cc77-4376-8887-687b0a94ffae&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=74&amp;width=308&amp;alt=\"\/><\/li><li>Afin de restreindre l&rsquo;assertion de l&rsquo;application SAML uniquement \u00e0 Redshift, nous configurerons le champ \u201cAudience SAML de l&rsquo;application\u201d \u00e0 <code>urn:amazon:webservices:redshift<\/code>.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"247\" height=\"70\" class=\"wp-image-85738\" style=\"width: 247px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-15.58.17.png\" alt=\"\"\/> <\/li><\/ol>\n\n<h3 class=\"wp-block-heading\" id=\"Create-Identity-Provider\">Cr\u00e9er un Fournisseur d&rsquo;Identit\u00e9<\/h3>\n\n<p>Apr\u00e8s avoir cr\u00e9\u00e9 notre application <strong>Redshift-ReadOnly<\/strong> dans le compte Identity Center, nous devons configurer un fournisseur d&rsquo;identit\u00e9 \u00e0 utiliser par l&rsquo;application <strong>Redshift-ReadOnly <\/strong>pour se connecter au cluster Redshift du compte Redshift.<\/p>\n\n<ol class=\"wp-block-list\"><li>Dans le panneau lat\u00e9ral du tableau de bord IAM de votre compte Redshift, cliquez sur <strong>Fournisseurs d&rsquo;Identit\u00e9<\/strong>.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"271\" height=\"431\" class=\"wp-image-85742\" style=\"width: 271px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.19.31.png\" alt=\"\"\/> <\/li><li>Dans le coin sup\u00e9rieur droit, cliquez sur \u201cAjouter un fournisseur\u201d.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1328\" height=\"78\" class=\"wp-image-85743\" style=\"width: 1328px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.21.05.png\" alt=\"\"\/><br\/><\/li><li>Remplissez les d\u00e9tails pour le nouveau IDP:<ol start=\"1\"><li>D\u00e9finissez le \u201cNom du fournisseur\u201d sur Redshift-ReadOnly (comme notre application pr\u00e9c\u00e9demment configur\u00e9e).<\/li><li>T\u00e9l\u00e9chargez le fichier de m\u00e9tadonn\u00e9es que nous avons t\u00e9l\u00e9charg\u00e9 lors du processus de configuration de notre application IAM Identity Center.<img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/f2db2cb3-28d0-4578-ac63-f813a350a2d9#media-blob-url=true&amp;id=af2a9aac-ed5d-4c7c-8aea-e91254cfdeaf&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=597&amp;width=866&amp;alt=\"\/>  Cliquez sur \u201cAjouter un fournisseur\u201d et terminez.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"866\" height=\"597\" class=\"wp-image-85744\" style=\"width: 866px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.22.59.png\" alt=\"\"\/><\/li><\/ol><\/li><li>Allez \u00e0 la page de description de l&rsquo;IDP et copiez l&rsquo;ARN de l&rsquo;IDP <strong>IDP ARN<\/strong>, nous l&rsquo;utiliserons plus tard<strong>.<\/strong><br\/><img loading=\"lazy\" decoding=\"async\" width=\"626\" height=\"321\" class=\"wp-image-85745\" style=\"width: 626px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.04.43.png\" alt=\"\"\/><img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/0a06764a-c351-43f3-810a-15da912d7c05#media-blob-url=true&amp;id=39497b0d-7a31-4add-8c83-107db8043f05&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=321&amp;width=626&amp;alt=\"\/><\/li><\/ol>\n\n<h3 class=\"wp-block-heading\" id=\"Create-IAM-Role-&amp;-Policy\">Cr\u00e9er un R\u00f4le IAM &amp; une Politique<\/h3>\n\n<p>Maintenant que nous avons cr\u00e9\u00e9 le fournisseur d&rsquo;identit\u00e9 \u00e0 utiliser par notre application IAM Identity Center, nous pouvons cr\u00e9er le r\u00f4le qui sera utilis\u00e9 pour se connecter au cluster Redshift lui-m\u00eame.<\/p>\n\n<ol class=\"wp-block-list\"><li>Dans le panneau lat\u00e9ral du tableau de bord IAM de votre compte Redshift, cliquez sur <strong>R\u00f4les<\/strong>.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"271\" height=\"437\" class=\"wp-image-85747\" style=\"width: 271px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.14.15.png\" alt=\"\"\/> <\/li><li>Dans le coin sup\u00e9rieur droit, cliquez sur \u201cCr\u00e9er un R\u00f4le\u201d.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1341\" height=\"128\" class=\"wp-image-85748\" style=\"width: 1341px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.15.37.png\" alt=\"\"\/><br\/> <\/li><li>Cr\u00e9ez une entit\u00e9 de confiance de type f\u00e9d\u00e9ration SAML 2.0 et d\u00e9finissez les \u00e9l\u00e9ments suivants:<ol start=\"1\"><li>D\u00e9finissez l&rsquo;IDP sur l&rsquo;IDP \u201cRedshift-ReadOnly\u201d que nous avons cr\u00e9\u00e9 plus t\u00f4t.<\/li><li>Cochez le bouton radio \u201cAutoriser uniquement l&rsquo;acc\u00e8s programmatique\u201d et d\u00e9finissez:<br\/><strong>Attribut: \u201cSAML:aud\u201d<\/strong> \u2192 d\u00e9finissant quelle audience peut assumer ce r\u00f4le.<br\/><strong>Valeur: \u201c<\/strong><a href=\"http:\/\/localhost:7890\/redshift\/\"><strong>http:\/\/localhost:7890\/redshift\/<\/strong><\/a><strong>\u201d<\/strong> \u2192 D\u00e9finir l&rsquo;audience sur notre serveur local de driver JDBC Redshift (comme expliqu\u00e9 dans la premi\u00e8re section).<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1190\" height=\"780\" class=\"wp-image-85749\" style=\"width: 1190px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.44.02.png\" alt=\"\"\/><br\/>Cliquez sur \u201cSuivant\u201d.<br\/><\/li><\/ol><\/li><li>Cliquez sur \u201cCr\u00e9er une politique\u201d et un nouvel onglet s&rsquo;ouvrira.<img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/5f413ee0-9082-48fe-bbf9-1266e384f039#media-blob-url=true&amp;id=f54050e8-48e9-4c67-8e16-34cb159b53b5&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=165&amp;width=1303&amp;alt=\"\/> <\/li><li>S\u00e9lectionnez \u201cJSON\u201d.<img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/38e95090-ae9b-4366-9c1e-4c24cab89231#media-blob-url=true&amp;id=75587102-9ee1-4ce6-abd5-c83d2c872050&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=135&amp;width=1139&amp;alt=\"\/> <\/li><li>Dans le panneau de l&rsquo;\u00e9diteur de politique, collez la d\u00e9claration de politique suivante et modifiez les valeurs suivantes dans le champ \u201cRessource\u201d pour correspondre \u00e0 la v\u00f4tre: <code>&lt;region&gt;, &lt;account&gt;, &lt;clusterName&gt;<\/code>.<br\/>\t\t<div data-elementor-type=\"container\" data-elementor-id=\"85752\" class=\"elementor elementor-85752\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t<div class=\"elementor-element elementor-element-1bd19134 e-flex e-con-boxed e-con e-parent\" data-id=\"1bd19134\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-1630fc85 elementor-widget elementor-widget-code-highlight\" data-id=\"1630fc85\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-tomorrow copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-json line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-json\">\n\t\t\t\t\t<xmp>{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"redshift:CreateClusterUser\",\n                \"redshift:JoinGroup\",\n                \"redshift:GetClusterCredentials\",\n                \"redshift:ListSchemas\",\n                \"redshift:ListTables\",\n                \"redshift:ListDatabases\",\n                \"redshift:ExecuteQuery\",\n                \"redshift:FetchResults\",\n                \"redshift:CancelQuery\",\n                \"redshift:DescribeClusters\",\n                \"redshift:DescribeQuery\",\n                \"redshift:DescribeTable\"\n            ],\n            \"Resource\": [\n                \"arn:aws:redshift:<region>:<account>:cluster:<clusterName>\",\n                \"arn:aws:redshift:<region>:<account>:dbuser:<clusterName>\/${redshift:DbUser}\",\n                \"arn:aws:redshift:<region>:<account>:dbname:<clusterName>\/${redshift:DbName}\",\n                \"arn:aws:redshift:<region>:<account>:dbgroup:<clusterName>\/bi_users_group\",\n            ]\n        }\n    ]\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<br\/><\/li><li>Nommez la politique \u201cRedshift-ReadOnly-policy\u201d et cliquez sur \u201cCr\u00e9er une politique\u201d.<img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/638f1d27-23e5-4a2f-8351-3f13ebf6a7f1#media-blob-url=true&amp;id=e6d9b9f7-ff16-4b5a-851e-162a99c4d39d&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=287&amp;width=1042&amp;alt=\"\/> <br\/><img loading=\"lazy\" decoding=\"async\" width=\"1042\" height=\"287\" class=\"wp-image-85756\" style=\"width: 1042px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.55.08.png\" alt=\"\"\/><\/li><li>Revenez \u00e0 l&rsquo;onglet d&rsquo;origine o\u00f9 nous avons commenc\u00e9 \u00e0 cr\u00e9er notre r\u00f4le IAM<br\/>\u2192 cliquez sur actualiser \u2192 tapez \u00ab Redshift-ReadOnly-policy \u00bb dans la barre de recherche \u2192 cochez la politique \u00ab Redshift-ReadOnly-policy \u00bb \u2192 cliquez sur \u00ab Suivant \u00bb.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1136\" height=\"359\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.56.59.png\" class=\"wp-image-85757\" style=\"width: 1136px;\" alt=\"\"\/><\/li><li>Nommez le r\u00f4le \u00ab Redshift-ReadOnly-role \u00bb et cliquez sur \u00ab Cr\u00e9er un r\u00f4le \u00bb dans le coin inf\u00e9rieur droit.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"618\" height=\"244\" class=\"wp-image-85758\" style=\"width: 618px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-16.59.54.png\" alt=\"\"\/><img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/f0080f98-f453-40bb-83c7-24e81210a9f2#media-blob-url=true&amp;id=7ece7e5c-f65e-4144-9c4a-e4856fa6e8db&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=244&amp;width=618&amp;alt=\"\/><\/li><li>Maintenant que nous avons cr\u00e9\u00e9 le r\u00f4le IAM, allez \u00e0 sa page de description et copiez le <strong>ARN du r\u00f4le<\/strong>, nous l&rsquo;utiliserons plus tard.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1126\" height=\"320\" class=\"wp-image-85759\" style=\"width: 1126px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.08.58.png\" alt=\"\"\/><\/li><\/ol>\n\n<h3 class=\"wp-block-heading\" id=\"Configure-the-IAM-Identity-Center-Application-Attributes\">Configurer les attributs de l&rsquo;application IAM Identity Center<\/h3>\n\n<p>Pour configurer notre application pour fonctionner avec Redshift, nous devons configurer certains attributs d&rsquo;application qui lui indiqueront \u00ab comment se connecter \u00bb \u00e0 celui-ci.<\/p>\n\n<ol class=\"wp-block-list\"><li>Dans l&rsquo;IAM Identity Center, allez au panneau Applications et choisissez l&rsquo;application que nous avons cr\u00e9\u00e9e pr\u00e9c\u00e9demment.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"880\" height=\"506\" class=\"wp-image-85761\" style=\"width: 880px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.21.15.png\" alt=\"\"\/><br\/> <\/li><li>Attribuez les utilisateurs et les groupes auxquels vous souhaitez accorder des autorisations pour cette application \u2192 <a rel=\"noreferrer noopener\" href=\"https:\/\/docs.aws.amazon.com\/singlesignon\/latest\/userguide\/assignuserstoapp.html\" target=\"_blank\">Attribuer l&rsquo;acc\u00e8s des utilisateurs aux applications dans la console IAM Identity Center &#8211; AWS IAM Identity Center (successeur de AWS Single Sign-On)<\/a>.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1368\" height=\"419\" class=\"wp-image-85762\" style=\"width: 1368px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.25.48.png\" alt=\"\"\/><br\/> <\/li><li>Cliquez sur \u00ab mappages d&rsquo;attributs \u00bb.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1395\" height=\"345\" class=\"wp-image-85763\" style=\"width: 1395px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.27.54.png\" alt=\"\"\/> <\/li><li>D\u00e9finissez les attributs selon le tableau suivant et remplacez les <code>&lt;role_arn&gt;<\/code> &amp; <code>&lt;idp_arn&gt;<\/code> espaces r\u00e9serv\u00e9s par les ARN que vous avez copi\u00e9s dans les \u00e9tapes pr\u00e9c\u00e9dentes :<\/li><\/ol>\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><th class=\"has-text-align-left\" data-align=\"left\"><strong>Attribut<\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong>Valeur<\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong>Explication<\/strong><\/th><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">Sujet (attribut par d\u00e9faut)<\/td><td class=\"has-text-align-left\" data-align=\"left\">${user:email}<\/td><td class=\"has-text-align-left\" data-align=\"left\">Le sujet utilis\u00e9.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">https:\/\/aws.amazon.com\/SAML\/Attributes\/RoleSessionName<\/td><td class=\"has-text-align-left\" data-align=\"left\">${user:email}<\/td><td class=\"has-text-align-left\" data-align=\"left\">Le nom de session cr\u00e9\u00e9 contre le cluster.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">https:\/\/redshift.amazon.com\/SAML\/Attributes\/AutoCreate<\/td><td class=\"has-text-align-left\" data-align=\"left\">true<\/td><td class=\"has-text-align-left\" data-align=\"left\">Configurer l&rsquo;application pour cr\u00e9er automatiquement l&rsquo;utilisateur Redshift lors de l&rsquo;authentification.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">https:\/\/aws.amazon.com\/SAML\/Attributes\/Role<\/td><td class=\"has-text-align-left\" data-align=\"left\"><role_arn>,<idp_arn><\/idp_arn><\/role_arn><\/td><td class=\"has-text-align-left\" data-align=\"left\">Le r\u00f4le IAM et l&rsquo;IDP \u00e0 utiliser pour se connecter \u00e0 Redshift.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">https:\/\/redshift.amazon.com\/SAML\/Attributes\/DbUser<\/td><td class=\"has-text-align-left\" data-align=\"left\">${user:email}<\/td><td class=\"has-text-align-left\" data-align=\"left\">Le nom d&rsquo;utilisateur de la base de donn\u00e9es \u00e0 cr\u00e9er.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\">https:\/\/redshift.amazon.com\/SAML\/Attributes\/DbGroups<\/td><td class=\"has-text-align-left\" data-align=\"left\">readonly<\/td><td class=\"has-text-align-left\" data-align=\"left\">Le groupe de base de donn\u00e9es auquel attribuer le nouvel utilisateur cr\u00e9\u00e9.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1406\" height=\"716\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.38.32.png\" alt=\"\" class=\"wp-image-85764\"\/><\/figure>\n\n<p>Cliquez sur \u00ab Enregistrer les modifications \u00bb.<\/p>\n\n<h3 class=\"wp-block-heading\" id=\"Create-Redshift-group-&amp;-Grant-permissions\">Cr\u00e9er un groupe Redshift &amp; Accorder des autorisations<\/h3>\n\n<p>\u00c0 ce stade, nous allons configurer le <code>readonly<\/code> groupe Redshift (tel que d\u00e9fini dans les attributs de l&rsquo;application \u00e0 l&rsquo;\u00e9tape pr\u00e9c\u00e9dente) auquel chaque utilisateur sera attribu\u00e9 lors de la connexion via l&rsquo;application.<\/p>\n\n<ol class=\"wp-block-list\"><li>Connectez-vous \u00e0 votre cluster Redshift avec un utilisateur privil\u00e9gi\u00e9 (superutilisateur).<\/li><li>Ex\u00e9cutez le script SQL suivant pour cr\u00e9er le groupe <code>readonly<\/code> et lui attribuer des <code>read<\/code> autorisations sur le sch\u00e9ma public (le sch\u00e9ma par d\u00e9faut).<br\/>\t\t<div data-elementor-type=\"container\" data-elementor-id=\"85766\" class=\"elementor elementor-85766\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t<div class=\"elementor-element elementor-element-13d86d9a e-flex e-con-boxed e-con e-parent\" data-id=\"13d86d9a\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-885ec86 elementor-widget elementor-widget-code-highlight\" data-id=\"885ec86\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-tomorrow copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-sql line-numbers\">\n\t\t\t\t<code readonly=\"true\" class=\"language-sql\">\n\t\t\t\t\t<xmp>create group readonly;\ngrant usage on schema public to group readonly;\ngrant select on all tables in schema public to group readonly;<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<\/li><\/ol>\n\n<h3 class=\"wp-block-heading\" id=\"Configure-the-DataGrip-client-Data-Source\">Configurer la source de donn\u00e9es du client DataGrip<\/h3>\n\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/elementor.com\/cdn-cgi\/image\/f=auto,w=20,h=20https:\/\/elementor.atlassian.net\/gateway\/api\/emoji\/bc79594b-ab29-4483-8266-81959ca3f62f\/1f389\/path\" alt=\":tada:\" width=\"20\" height=\"20\"\/>  Nous sommes tous pr\u00eats et enfin sur le point de r\u00e9colter nos fruits!  <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/elementor.atlassian.net\/gateway\/api\/emoji\/bc79594b-ab29-4483-8266-81959ca3f62f\/1f389\/path\" alt=\":tada:\" width=\"20\" height=\"20\"\/><br\/>Dans cette \u00e9tape, nous allons configurer une source de donn\u00e9es DataGrip qui sera utilis\u00e9e comme connexion entre nous et le cluster Redshift.<\/p>\n\n<ol class=\"wp-block-list\"><li>Ouvrez DataGrip et cr\u00e9ez une nouvelle source de donn\u00e9es Redshift.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"467\" height=\"114\" class=\"wp-image-85769\" style=\"width: 467px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.52.46.png\" alt=\"\"\/> <\/li><li>Un assistant de source de donn\u00e9es s&rsquo;ouvrira pour que vous puissiez configurer la connexion, d\u00e9finissez les attributs suivants :<ol start=\"1\"><li><strong>Nom<\/strong> : Redshift ReadOnly SSO.<\/li><li><strong>H\u00f4te<\/strong> :<strong> <\/strong>votre point de terminaison du serveur Redshift.<\/li><li><strong>Utilisateur<\/strong> : votre email identifiant (sera utilis\u00e9 comme utilisateur DB Redshift).<\/li><li><strong>Mot de passe<\/strong> : le mot de passe que vous avez configur\u00e9 dans votre source d&rsquo;identit\u00e9 (Okta, PingOne, etc.)<\/li><li><strong>Base de donn\u00e9es<\/strong> : la base de donn\u00e9es \u00e0 laquelle vous souhaitez vous connecter.<\/li><li><strong>URL<\/strong> : l&rsquo;url sera principalement configur\u00e9e \u00e0 ce stade (en raison du remplissage automatique de DataGrip), tout ce qu&rsquo;il vous reste \u00e0 faire est de changer le pr\u00e9fixe de l&rsquo;url JDBC de <code>jdbc:redshift:\/\/<\/code> \u00e0 <code>jdbc:redshift:iam:\/\/<\/code>.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"559\" height=\"671\" class=\"wp-image-85770\" style=\"width: 559px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-17.57.29.png\" alt=\"\"\/> <\/li><\/ol><\/li><li>Allez \u00e0 l&rsquo;onglet <code>Advanced<\/code> et configurez ces 3 attributs :<ol start=\"1\"><li><strong>nom_du_plugin<\/strong> : <code>com.amazon.redshift.plugin.BrowserSamlCredentialsProvider<\/code> &#8211; d\u00e9j\u00e0 d\u00e9fini, donc modifiez-le.<\/li><li><strong>idp_reponse_timeout : <\/strong>60 &#8211; cr\u00e9ez une nouvelle valeur.<\/li><li><strong>url_de_connexion<\/strong> : &lt;votre url de connexion SAML d&rsquo;application pr\u00e9c\u00e9demment copi\u00e9e&gt; &#8211; cr\u00e9ez une nouvelle valeur.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"547\" height=\"245\" class=\"wp-image-85771\" style=\"width: 547px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-18.10.07.png\" alt=\"\"\/> <\/li><\/ol><\/li><li>En bas de l&rsquo;assistant de configuration de la source de donn\u00e9es, cliquez sur \u00ab tester la connexion \u00bb.<br\/><img loading=\"lazy\" decoding=\"async\" width=\"549\" height=\"88\" class=\"wp-image-85772\" style=\"width: 549px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-18.11.44.png\" alt=\"\"\/><img decoding=\"async\" alt=\"\" src=\"blob:https:\/\/elementor.atlassian.net\/938ff2bb-46c7-4cd9-9020-aa00b134d7b5#media-blob-url=true&amp;id=ec78f4d0-c3c0-4743-8a1d-e5568685c9e7&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=88&amp;width=549&amp;alt=\"\/><br\/>Une fois cliqu\u00e9, votre navigateur s&rsquo;ouvrira et affichera l&rsquo;\u00e9cran suivant :<br\/><img loading=\"lazy\" decoding=\"async\" width=\"1156\" height=\"197\" class=\"wp-image-85773\" style=\"width: 1156px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-18.14.29.png\" alt=\"\"\/><br\/>Si tout est correctement configur\u00e9, vous devriez voir la fen\u00eatre contextuelle suivante dans DataGrip :<br\/><img loading=\"lazy\" decoding=\"async\" width=\"467\" height=\"215\" class=\"wp-image-85774\" style=\"width: 467px;\" src=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/Screenshot-2566-07-02-at-18.14.34.png\" alt=\"\"\/><img decoding=\"async\" src=\"blob:https:\/\/elementor.atlassian.net\/8b152b94-3cbd-465a-a56f-6cfc8cec2c19#media-blob-url=true&amp;id=ac42272d-34e4-46b6-9ec4-57583deb1983&amp;collection=contentId-664896059&amp;contextId=664896059&amp;height=215&amp;width=467&amp;alt=\" alt=\"\"\/><br\/>Cliquez sur OK.<br\/><br\/>C&rsquo;est tout!\nMerci de votre lecture \ud83d\ude42 <\/li><\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e?<br \/>\nDans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l&rsquo;acc\u00e8s des utilisateurs en configurant l&rsquo;authentification SSO avec Redshift et AWS IAM Identity Center. <\/p>\n","protected":false},"author":2024233,"featured_media":107588,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[229],"tags":[],"marketing_persona":[],"marketing_intent":[],"class_list":["post-111499","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-development-fr"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Activation de l&#039;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)<\/title>\n<meta name=\"description\" content=\"Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e? Dans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l&#039;acc\u00e8s des utilisateurs en configurant l&#039;authentification SSO avec Redshift et AWS IAM Identity Center.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Activation de l&#039;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)\" \/>\n<meta property=\"og:description\" content=\"Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e? Dans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l&#039;acc\u00e8s des utilisateurs en configurant l&#039;authentification SSO avec Redshift et AWS IAM Identity Center.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/elemntor\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-25T13:23:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-01T11:17:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"1260\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Yuval Press\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@elemntor\" \/>\n<meta name=\"twitter:site\" content=\"@elemntor\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Yuval Press\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\"},\"author\":{\"name\":\"Yuval Press\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#\/schema\/person\/13b9197afb0317055c2c68ec36812410\"},\"headline\":\"Activation de l&rsquo;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)\",\"datePublished\":\"2023-07-25T13:23:00+00:00\",\"dateModified\":\"2025-12-01T11:17:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\"},\"wordCount\":1613,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#organization\"},\"image\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png\",\"articleSection\":[\"D\u00e9veloppement\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\",\"url\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\",\"name\":\"Activation de l'authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)\",\"isPartOf\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png\",\"datePublished\":\"2023-07-25T13:23:00+00:00\",\"dateModified\":\"2025-12-01T11:17:47+00:00\",\"description\":\"Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e? Dans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l'acc\u00e8s des utilisateurs en configurant l'authentification SSO avec Redshift et AWS IAM Identity Center.\",\"breadcrumb\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage\",\"url\":\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png\",\"contentUrl\":\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png\",\"width\":2400,\"height\":1260},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/elementor.com\/blog\/fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"D\u00e9veloppement\",\"item\":\"https:\/\/elementor.com\/blog\/fr\/category\/development-fr\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Activation de l&#8217;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#website\",\"url\":\"https:\/\/elementor.com\/blog\/fr\/\",\"name\":\"Elementor\",\"description\":\"Website Builder for WordPress\",\"publisher\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/elementor.com\/blog\/fr\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#organization\",\"name\":\"Elementor\",\"url\":\"https:\/\/elementor.com\/blog\/fr\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2025\/06\/images.png\",\"contentUrl\":\"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2025\/06\/images.png\",\"width\":225,\"height\":225,\"caption\":\"Elementor\"},\"image\":{\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/elemntor\/\",\"https:\/\/x.com\/elemntor\",\"https:\/\/www.instagram.com\/elementor\/\",\"https:\/\/www.youtube.com\/channel\/UCt9kG_EDX8zwGSC1-ycJJVA?sub_confirmation=1\",\"https:\/\/en.wikipedia.org\/wiki\/Elementor\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#\/schema\/person\/13b9197afb0317055c2c68ec36812410\",\"name\":\"Yuval Press\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/elementor.com\/blog\/fr\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/faf67adc84158d77545efc51c560e86b017a0dbc7b31fbd9146ca076480ba73d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/faf67adc84158d77545efc51c560e86b017a0dbc7b31fbd9146ca076480ba73d?s=96&d=mm&r=g\",\"caption\":\"Yuval Press\"},\"description\":\"Senior DataOps Engineer. A long-time fan of professional challenges, endlessly fascinated with the latest technologies. Especially Passionate about the security aspect of DevOps.\",\"url\":\"https:\/\/elementor.com\/blog\/fr\/author\/yuvalp\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Activation de l'authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)","description":"Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e? Dans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l'acc\u00e8s des utilisateurs en configurant l'authentification SSO avec Redshift et AWS IAM Identity Center.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/","og_locale":"fr_FR","og_type":"article","og_title":"Activation de l'authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)","og_description":"Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e? Dans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l'acc\u00e8s des utilisateurs en configurant l'authentification SSO avec Redshift et AWS IAM Identity Center.","og_url":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/","og_site_name":"Blog","article_publisher":"https:\/\/www.facebook.com\/elemntor\/","article_published_time":"2023-07-25T13:23:00+00:00","article_modified_time":"2025-12-01T11:17:47+00:00","og_image":[{"width":2400,"height":1260,"url":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png","type":"image\/png"}],"author":"Yuval Press","twitter_card":"summary_large_image","twitter_creator":"@elemntor","twitter_site":"@elemntor","twitter_misc":{"\u00c9crit par":"Yuval Press","Dur\u00e9e de lecture estim\u00e9e":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#article","isPartOf":{"@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/"},"author":{"name":"Yuval Press","@id":"https:\/\/elementor.com\/blog\/fr\/#\/schema\/person\/13b9197afb0317055c2c68ec36812410"},"headline":"Activation de l&rsquo;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)","datePublished":"2023-07-25T13:23:00+00:00","dateModified":"2025-12-01T11:17:47+00:00","mainEntityOfPage":{"@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/"},"wordCount":1613,"commentCount":0,"publisher":{"@id":"https:\/\/elementor.com\/blog\/fr\/#organization"},"image":{"@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage"},"thumbnailUrl":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png","articleSection":["D\u00e9veloppement"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/","url":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/","name":"Activation de l'authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)","isPartOf":{"@id":"https:\/\/elementor.com\/blog\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage"},"image":{"@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage"},"thumbnailUrl":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png","datePublished":"2023-07-25T13:23:00+00:00","dateModified":"2025-12-01T11:17:47+00:00","description":"Votre connexion \u00e0 Redshift est-elle suffisamment s\u00e9curis\u00e9e? Dans ce guide \u00e9tape par \u00e9tape, vous apprendrez \u00e0 am\u00e9liorer la s\u00e9curit\u00e9 et \u00e0 simplifier l'acc\u00e8s des utilisateurs en configurant l'authentification SSO avec Redshift et AWS IAM Identity Center.","breadcrumb":{"@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#primaryimage","url":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png","contentUrl":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2023\/08\/2023_7_Enabling-Redshift-SSO-authentication.png","width":2400,"height":1260},{"@type":"BreadcrumbList","@id":"https:\/\/elementor.com\/blog\/fr\/activation-de-lauthentification-sso-redshift-avec-aws-iam-identity-center-multi-compte\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/elementor.com\/blog\/fr\/"},{"@type":"ListItem","position":2,"name":"D\u00e9veloppement","item":"https:\/\/elementor.com\/blog\/fr\/category\/development-fr\/"},{"@type":"ListItem","position":3,"name":"Activation de l&#8217;authentification SSO Redshift avec AWS IAM Identity Center (Multi-Compte)"}]},{"@type":"WebSite","@id":"https:\/\/elementor.com\/blog\/fr\/#website","url":"https:\/\/elementor.com\/blog\/fr\/","name":"Elementor","description":"Website Builder for WordPress","publisher":{"@id":"https:\/\/elementor.com\/blog\/fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/elementor.com\/blog\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/elementor.com\/blog\/fr\/#organization","name":"Elementor","url":"https:\/\/elementor.com\/blog\/fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/elementor.com\/blog\/fr\/#\/schema\/logo\/image\/","url":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2025\/06\/images.png","contentUrl":"https:\/\/elementor.com\/blog\/wp-content\/uploads\/2025\/06\/images.png","width":225,"height":225,"caption":"Elementor"},"image":{"@id":"https:\/\/elementor.com\/blog\/fr\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/elemntor\/","https:\/\/x.com\/elemntor","https:\/\/www.instagram.com\/elementor\/","https:\/\/www.youtube.com\/channel\/UCt9kG_EDX8zwGSC1-ycJJVA?sub_confirmation=1","https:\/\/en.wikipedia.org\/wiki\/Elementor"]},{"@type":"Person","@id":"https:\/\/elementor.com\/blog\/fr\/#\/schema\/person\/13b9197afb0317055c2c68ec36812410","name":"Yuval Press","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/elementor.com\/blog\/fr\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/faf67adc84158d77545efc51c560e86b017a0dbc7b31fbd9146ca076480ba73d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/faf67adc84158d77545efc51c560e86b017a0dbc7b31fbd9146ca076480ba73d?s=96&d=mm&r=g","caption":"Yuval Press"},"description":"Senior DataOps Engineer. A long-time fan of professional challenges, endlessly fascinated with the latest technologies. Especially Passionate about the security aspect of DevOps.","url":"https:\/\/elementor.com\/blog\/fr\/author\/yuvalp\/"}]}},"_links":{"self":[{"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/posts\/111499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/users\/2024233"}],"replies":[{"embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/comments?post=111499"}],"version-history":[{"count":1,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/posts\/111499\/revisions"}],"predecessor-version":[{"id":111502,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/posts\/111499\/revisions\/111502"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/media\/107588"}],"wp:attachment":[{"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/media?parent=111499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/categories?post=111499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/tags?post=111499"},{"taxonomy":"marketing_persona","embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/marketing_persona?post=111499"},{"taxonomy":"marketing_intent","embeddable":true,"href":"https:\/\/elementor.com\/blog\/fr\/wp-json\/wp\/v2\/marketing_intent?post=111499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}