Issue:
when I tried to create new redshift database user using IAM (user will be authenticated with SSO using AD) and got the below error.
Service: AmazonRedshift; Status Code: 400; Error Code: InvalidParameterValue; Request ID: 1583fdd5-11e5-4f58-926a-b4f7f7232d90)
Root cause:
Looks like Redshift not allow to create new DB user starting with _"underscore",when the user authenticated with Single sign on .But when you create the local user on DB without AD authenticated user, Redshift will allow to create the user with _"underscore".
It will not allow user to start with _"underscore" on single sign on using AD
IAM error retrieving temp credentials: DbUser parameter must be lowercase, begin with a letter, contain only alphanumeric characters, underscore ('_'), plus sign ('+'), dot ('.'), at ('@'), or hyphen ('-'), and be less than 128 characters. (Service: AmazonRedshift; Status Code: 400; Error Code: InvalidParameterValue; Request ID: 1583fdd5-11e5-4f58-926a-b4f7f7232d90)
DbUser parameter must be lowercase, begin with a letter, contain only alphanumeric characters, underscore ('_'), plus sign ('+'), dot ('.'), at ('@'), or hyphen ('-'), and be less than 128 characters. (Service: AmazonRedshift; Status Code: 400; Error Code: InvalidParameterValue; Request ID: 1583fdd5-11e5-4f58-926a-b4f7f7232d90)
Solution
do not create IAM Redshift DB user with underscore and always create user start with letter .
DbUser parameter must be lowercase, begin with a letter, contain only alphanumeric characters, underscore ('_'), plus sign ('+'), dot ('.'), at ('@'), or hyphen ('-'), and be less than 128 characters.
