Hide databases in Amazon Redshift cluster from certain users

Question

Is it possible to hide the existence of and access to databases (incl. their schemas, tables etc) from certain users within Amazon Redshift. By default, it seems like every user is able to see other DBs even though he doesnt have permission to select data nor any other (non-default) privileges.

I tried

REVOKE ALL PRIVILEGES ON DATABASE testdb FROM testdbuser;

and similar but still testdbuser can connect to the testdb DB and even see all other objects in his object browser in a SQL tool (here: Aginity Redshift Workbench).

Ideally, testdbuser would not be able to see anything else except what he got explicitly granted access to.

Note, testdbuser is not a superuser.

Thanks!

Answer 1

Try to revoke from the PUBLIC group vs the specific user

REVOKE USAGE ON SCHEMA information_schema FROM PUBLIC;
REVOKE USAGE ON SCHEMA pg_catalog FROM PUBLIC;    -- This should suffice, but...
REVOKE SELECT ON TABLE pg_catalog.pg_database FROM PUBLIC;   -- just to be sure.

Note that this could have an undesirable effect on all users within the selected database. You will need to do this on all databases, since the user can guess another database name and see pg_catalog information there.

The user could still find all the databases via a brute force attack simply by trying to switch or connect to all possible strings.

Answer 2

Unfortunately it is not possible today. Redshift does not support the REVOKE CONNECT FROM DATABASE command, so users can connect to any database.

Because Redshift is built on PostgreSQL, once connected, users can read a list of all databases in the cluster from the system tables, and by connecting to each database can read the list of schemas, tables, and even table columns from the system tables, even if they are prevented from reading the data within those tables through the use of REVOKE ... FROM SCHEMA or REVOKE ... FROM TABLE.