grant-usage-select-all-tables-default-privs-on-new-readonly-schema.sql
— run this – when creating a new Redshift readonly schema to grant a group read access to all objects (now and in future)
grant usage on schema <schema_name> to group read_only_group;
grant select on all tables in schema <schema_name> to group read_only_group;
— “alter default privileges”: grants read on future tables – runs as the user connected – a super user can also do this for other users (for user clause not shown)
alter default privileges in schema <schema_name> grant select on tables to group read_only_group;
alter group read_only_group add user <username>;
https://docs.aws.amazon.com/redshift/latest/dg/r_ALTER_DEFAULT_PRIVILEGES.html