# Connect Soda to Amazon Redshift > For Soda to run quality scans on your data, you must configure it to connect to your data source.\ > To learn how to set up Soda and configure it to connect to your data sources, see [Get started](https://docs.soda.io/soda-documentation/soda-v3/quick-start-sip/setup-guide). ## Connection configuration reference Install package: `soda-redshift` ```yaml data_source my_datasource_name: type: redshift host: 127.0.0.1 username: simple password: simple_pass database: soda schema: public access_key_id: ${KEY_ID} secret_access_key: ${ACCESS_KEY} role_arn: arn:aws:ec2:us-east-1:123456789012:instance/i-012abcd34exxx56 region: us-east-1 ```

Property	Required	Notes
`type`	required	Identify the type of data source for Soda.
`host`	required	Provide a host identifier.
`username`	required	If you provide a value for `username` and `password`: 1) the connection ignores cluster credentials 2) the username and password will be used to connect to the database If you provide a value for `username`, `access_key_id` and `secret_access_key`: 1) the access key id and secret will be used to connect to the database
`password`	required⁽¹⁾	As above. If password is not provided, then `access_key_id` and `secret_access_key` are required, and will be used to connect to the database
`database`	required	Provide an identifier for your database.
`schema`	required	Provide an identifier for the schema in which your dataset exists.
`access_key_id`	required⁽¹⁾⁽²⁾	Consider using system variables to retrieve this value securely. If `access_key_id` and `secret_access_key` are not provided, then `password` is required.
`secret_access_key`	required⁽¹⁾⁽²⁾	Consider using system variables to retrieve this value securely. If `access_key_id` and `secret_access_key` are not provided, then `password` is required.
`role_arn`	optional⁽³⁾	Provide an Amazon Resource Name, which is a string that identifies an AWS resource such as an S3 bucket or EC2 instance. Learn how to find your arn.
`region`	optional	Provide an identifier for your geographic area.
`session_token`	optional	Add a session Token to use for authentication and authorization.
`profile_name`	optional	Specify the profile Name from local AWS configuration to use for authentication and authorization.
`cluster_identifier`	optional	Provide a `str` that represents the Redshift Cluster Identifier which is the name of the Redshift cluster. This parameter is only used for AWS connection (`access_key_id` + `secret_access_key`) and ignored in username/password connection. If a `cluster_identifier` is not provided, Soda will attempt to extract it from the first segment of the `host`. `cluster_identifier` may be provided for nonstandard deployments.

¹ One of the following is required for a successful connection: * `password` * `access_key_id` + `secret_access_key` That means that `password` is optional only as long as `access_key_id` and `secret_access_key` are provided, and `access_key_id` and `secret_access_key` are optional as long as `password` is provided. `cluster_identifier` is ignored in username/password connections. ² `access_key_id` and `secret_access_key` are required parameters to obtain an authentication token from Amazon Athena or Redshift. You can provide these key values in the configuration file or as environment variables. ³You may add the optional `role_arn` parameter which first authenticates with the access keys, then uses the role to access temporary tokens that allow for authentication. Depending on your Athena or Redshift setup, you may be able to use only the `role_arn` to authenticate, though Athena still must access the keys from a config file or environment variables. See [AWS Boto3 documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html) for details on the progressive steps it takes to access the credentials it needs to authenticate. Some users who access their Athena or Redshift data source via a self-hosted Soda Agent deployed in a Kubernetes cluster have reported that they can use IAM roles for Service Accounts to authenticate, as long as the IAM role that the Kubernetes pod has from the Kubernetes Service Account has the permissions to access Athena or Redshift. See [Enable IAM Roles for Service Accounts (IRSA) on the EKS cluster](https://docs.aws.amazon.com/emr/latest/EMR-on-EKS-DevelopmentGuide/setting-up-enable-IAM.html). ## Test the data source connection To confirm that you have correctly configured the connection details for the data source(s) in your configuration YAML file, use the `test-connection` command. If you wish, add a `-V` option to the command to return results in verbose mode in the CLI. ```sh soda test-connection -d my_datasource -c configuration.yml -V ``` ## Supported data types | Category | Data type | | -------- | ----------------------------------------------------------------- | | text | CHARACTER VARYING, CHARACTER, CHAR, TEXT, NCHAR, NVARCHAR, BPCHAR | | number | SMALLINT, INT2, INTEGER, INT, INT4, BIGINT, INT8 | | time | DATE, TIME, TIMETZ, TIMESTAMP, TIMESTAMPTZ |