Skip to main content

What’s New

Qrvey 9.0
Qrvey Version 9.0 is now available! This release introduces multi-platform hosting (Azure & AWS), a redesigned Dashboard, extensive widget customizations, and numerous features, enhancements, bug fixes, and performance improvements.
Learn More
Qrvey 8.8
Qrvey Version 8.8 (LTS) is now available to customers! This version supports FIPS for GovCloud and includes tons of bug fixes and performance improvements.
Learn More
Qrvey 8.7
Version 8.7 of the Qrvey platform is now available to customers! This version includes new features including area charts, the ability to pivot and export data, as well as numerous bug fixes and performance improvements.
Learn More
Qrvey 8.6
Version 8.6 of the Qrvey platform is now available to customers. This version includes several new feature enhancements and performance improvements.
Learn More
Required Update for 8.5.1
Attention 8.5.1 customers: for any 8.5.1 instance deployed prior to 08/05/2024, an update is required to ensure you are running the latest images.
Learn More
Qrvey 8.5
Version 8.5 (LTS) of the Qrvey platform is now available to customers. This version includes several new features and performance improvements.
Learn More
End-of-life Schedule
We've added a new article that lists the features and endpoints that have been scheduled for deprecation. All features and endpoints will be supported for (1) year after the release date of the LTS version that contains the alternative.
Learn More
Version: 9.0

Configure Redshift, Snowflake, and Postgres during Migration

Before You Begin: Identify any custom roles assigned to your Serverless instance for Redshift, Snowflake, or Postgres. Locate the <instanceId>_dataload_drDataSourcePump serverless instance Lambda, replacing instanceId with the instance ID of your Qrvey platform. Select Configuration > Permissions and open the execution role in a new window. Identify and open any custom policies related to the Redshift, Snowflake, or Postgres databases so the information can be retrieved later.

1. Access the Qrvey Kubernetes Cluster

  1. Log in to the Qrvey AWS account.
  2. Open the Amazon Elastic Kubernetes Service (EKS) console.
  3. Navigate to Clusters.
  4. Select the appropriate Qrvey Kubernetes cluster.
  5. Go to the Access tab.
  6. Scroll down to the Pod Identity associations section.
  7. Open the associated IAM Role.

2. Add Inline Policies to the Pod Identity Role

For each data source (Redshift, Snowflake, and Postgres), you must add the corresponding IAM policy to the Pod Identity role.

IAM Policy for Redshift

  1. In the Pod Identity IAM Role, click Add inline policy.
  2. Go to the JSON tab.
  3. Paste the following policy, replacing {AWS_ACCOUNT_REDSHIFT} with the Redshift AWS account number:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor2",
            "Effect": "Allow",
            "Action": [
                "sts:AssumeRole",
                "sts:TagSession"
            ],
            "Resource": [
                "arn:aws:iam::{AWS_ACCOUNT_REDSHIFT}:role/RedshiftDataAccessRole"
            ]
        }
    ]
}
  1. Locate the IAM role named:
<instanceID>_dataload_DbDatasourceExportToS3Role_MP
  1. Go to the Trust Relationships tab.
  2. Add or update the following trust policy, replacing {AWS_ACCOUNT_REDSHIFT} with your actual values:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::{AWS_ACCOUNT_REDSHIFT}:role/RedshiftDataAccessRole"
            },
            "Action": [
                "sts:AssumeRole",
                "sts:TagSession"
            ]
        },
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "redshift.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}
  1. Save the Pod Identity IAM Role.

IAM Policy for Snowflake

  1. In the Pod Identity IAM Role, click Add inline policy.
  2. Open the JSON tab and paste the following policy, replacing <SECRET_ARN> and <KMS_KEY_ARN> with your actual values:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "getSecretValue",
      "Effect": "Allow",
      "Action": [
        "secretsmanager:GetSecretValue"
      ],
      "Resource": [
        "<SECRET_ARN>"
      ]
    },
    {
      "Sid": "getPublicKey",
      "Effect": "Allow",
      "Action": [
        "kms:GetPublicKey",
        "kms:Sign"
      ],
      "Resource": ["<KMS_KEY_ARN>"]
    }
  ]
}
  1. Save the Pod Identity IAM Role.

IAM Policy for Postgres

  1. In the Pod Identity IAM Role, click Add inline policy.
  2. Open the JSON tab and paste the following policy, replacing {AWS_ACCOUNT_POSTGRES} with your actual values:
{
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": [
            "sts:AssumeRole",
            "sts:TagSession"
        ],
        "Resource": [
            "arn:aws:iam::{AWS_ACCOUNT_POSTGRES}:role/rds-s3-export-role"
        ]
    }
}
  1. Save the Pod Identity IAM Role.
  2. Go to the Trust Relationships tab.
  3. Add or update the following trust policy, replacing {AWS_ACCOUNT_POSTGRES} with your actual values:
{
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": [
            "sts:AssumeRole",
            "sts:TagSession"
        ],
        "Resource": [
            "arn:aws:iam::{AWS_ACCOUNT_POSTGRES}:role/rds-s3-export-role"
        ]
    }
}
  1. Save