PostgreSQL catalogs #

You can use a PostgreSQL catalog to configure access to a PostgresSQL or compatible database in the following deployments:

Amazon RDS on Amazon Web Services:

Azure Database on Microsoft Azure:

Cloud SQL on Google Cloud:

Configure a catalog #

To create a PostgreSQL catalog, select Catalogs in the main navigation and click Configure a catalog. Click on the PostgreSQL button in the Select a data source screen.

Select a data source

Select a cloud provider #

The Cloud provider configuration is necessary to allow Starburst Galaxy to correctly match catalogs and clusters.

The data source configured in a catalog, and the cluster must operate in the same cloud provider and region for performance and cost reasons.

Select cloud provider

Define catalog name and description #

The Name of the catalog is visible in the Query editor and other clients. It is used to identify the catalog when writing SQL or showing the catalog and its nested schemas and tables in client applications.

The name is displayed in the Query editor, and when running a SHOW CATALOGS command. It is used to fully qualify the name of any table in SQL queries following the catalogname.schemaname.tablename syntax. For example, you can run the following query in the sample cluster without first setting the catalog or schema context.

SELECT * FROM tpch.sf1.nation;

The Description is a short, optional paragraph that provides further details about the catalog. It appears in the Starburst Galaxy user interface and can help other users determine what data can be accessed with the catalog.

Enter catalog name and description

Configure the connection #

The connection to the database requires username and password authentication and details to connect to the database server, typically hostname or IP address and port. The following sections detail the setup for the supported cloud providers.

A connection to the database can be established directly, if the Starburst Galaxy IP range/CIDR is allowed to connect.

If the database is only accessible inside the virtual private cloud (VPC) of the cloud provider, you can use an SSH tunnel with a bastion host in the VPC.

Amazon RDS configuration #

To configure the connection to your database on Amazon RDS you need to provide the following details:

  • RDS database host, use the fully qualified domain name for the server available as Endpoint in the Amazon RDS console under Connectivity & security. Typically dbidentifier.random.regionname.rds.amazonaws.com.
  • RDS database port, port of the server available with endpoint. Typically 5432 for PostgreSQL. The port is configurable for your database in the Amazon RDS console under Connectivity - Database port.
  • Database name, used for PostgreSQL and SQL Server databases to identify the specific database to connect to.
  • RDS master database username, use the Master username.
  • RDS master database password, use the password for the master user.

The database on Amazon RDS needs to fulfill the following requirements:

  • Configured for Public access, available in the Amazon RDS console for your database in Connectivity - Additional configuration
  • VPC security group configured to allow Starburst Galaxy access. The specific IP address range/CIDR is dependent on your AWS region, and displayed after a Test connection execution. Add it as an inbound rule to allow the range.
  • Database authentication set to Password authentication.

    Amazon RDS hosted PostreSQL

Azure Database configuration #

The database on Azure Database needs to fulfill the following requirements:

  • DB server host, use the fully qualified domain name for the server available as Server name in Essentials, as well as the Connections strings in the Azure Database console.
  • DB server port, port of the server available with endpoint. Typically 5432 for PostgreSQL.
  • Database name, used only for PostgreSQL databases to identify the specific database to connect to.
  • DB server admin login name, use the Admin username of the Administrator account.
  • DB server admin password, use the password for the user.

The database on Cloud SQL needs to fulfill the following requirements from the Connection security section of the Settings for the database:

  • A firewall rule configured for the Starburst Galaxy IP address range with Start IP and End IP configured with a random Firewall rule name.
  • TLS setting configured for the Minimum TLS version as 1.2

    PostgreSQL on Azure

Cloud SQL configuration #

Configure the database on Google Cloud SQL by filling in the following required fields:

  • Database IP address, use the IP address for the server available as Public IP address in the Cloud SQL console under Connect to this instance.
  • Database port, port of the server available with endpoint. Typically 5432 for PostgreSQL.
  • Database name, used only for PostgreSQL databases to identify the specific database to connect to.
  • Username, use a configured user with sufficient access.
  • Password, use the password for the user.

The database on Cloud SQL needs to fulfill the following requirements:

  • Configured for Public IP, available in the Cloud SQL console for your database in Connections - Public IP with an Authorized network configured with the CIDR to allow Starburst Galaxy access. The specific IP address range/CIDR is dependent on your Google Cloud region, and displayed after a Test connection execution.
  • Zonal availability set to Single zone.
  • User configured with username and password in Users.

    PostgreSQL on Google Cloud SQL

Test the connection #

Once you have configured the connection details, use the Test connection button to confirm data access is working. If the test is successful, you can save the catalog.

If the test fails, Starburst Galaxy provides detailed diagnostic information that you can use to fix the database configuration in the cloud provider system.

Test connection

Connect catalog #

Click Connect catalog, and proceed to set permissions where you can grant access to certain roles.

Set permissions #

This optional step allows you to configure read access, read only access, and full read and write access to the catalog.

Click Skip to go straight to adding the catalog to a cluster. If you skip this step, you can add read only access as well as full read and write access to your catalog for any role later. Skipping this step leaves only administrative roles, and the current role while creating the catalog, with access to all schemas and tables within the catalog.

Setting read only permissions grants the specified roles read only access to the catalog. As a result users have read only access to all contained schema, tables, and views.

Setting read/write permissions grants the specified roles full read and write access to the catalog. As a result users have full read and write access to all contained schema, tables, and views.

Use the following steps to assign read/write access to roles:

  • In the Read access to this catalog section, expand the menu in the Roles and read access field.
  • Select one or more Starburst Galaxy roles from the list to grant read access to the data.
  • To prevent write access, toggle the Read only switch.
  • In the Full read/write access to this catalog section, expand the menu in the Roles with Full read/write access field.
  • Select one or more roles from the list to grant read/write access to the data.
  • Click Save access controls.

      Set permissions for read and write screenshot

Add to cluster #

You can add your catalog to a cluster later by editing a cluster. Click Skip to proceed to the catalogs page.

Use the following steps to add your catalog to an existing cluster or create a new cluster in the same cloud region:

  • In the Add to cluster section, expand the menu in the Select cluster field.
  • Select one or more existing clusters from the drop down menu.
  • Click Create a new cluster to create a new cluster in the same region, and add it to the cluster selection menu.
  • Click Add to cluster to view your new catalog’s configuration.

      Add to cluster

The Pending changes to clusters dialog appears when you try to add a catalog to a running cluster.

  • In the Pending changes to cluster dialog, click Return to catalogs to edit the catalog or create a new catalog.
  • Click Go to clusters to confirm the addition of the catalog to the running cluster.
  • On the Clusters page, click the Update icon beside the running cluster, to add the catalog.

      pending changes to cluster dialog