Greenplum

Encrypting network traffic

Looker strongly recommends encrypting network traffic between the Looker application and your database. Consider one of the options described on the Enabling secure database access documentation page.

If you're interested in using SSL encryption, see this official Greenplum security configuration guide.

Users and security

Change some_password_here to a unique, secure password:

CREATE USER looker WITH ENCRYPTED PASSWORD 'password';
GRANT CONNECT ON DATABASE database_name to looker;
\c database_name
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO looker;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO looker;

To grant Looker the necessary permissions to cancel its queries, run:

CREATE OR REPLACE FUNCTION pg_kill_connection(integer) RETURNS boolean AS 'select pg_terminate_backend($1);' LANGUAGE SQL SECURITY DEFINER;

Temp schema setup

Create a schema owned by the Looker user:

CREATE SCHEMA looker_scratch AUTHORIZATION looker;

Feature support

For Looker to support some features, your database dialect must also support them.

Greenplum supports the following features as of Looker 23.16:

Feature	Supported?
Support Level	Supported
Looker (Google Cloud core)	No
Symmetric Aggregates	Yes
Derived Tables	Yes
Persistent SQL Derived Tables	Yes
Persistent Native Derived Tables	Yes
Stable Views	Yes
Query Killing	Yes
SQL-based Pivots	Yes
Timezones	Yes
SSL	Yes
Subtotals	Yes
JDBC Additional Params	Yes
Case Sensitive	Yes
Location Type	Yes
List Type	Yes
Percentile	Yes
Distinct Percentile	Yes
SQL Runner Show Processes	Yes
SQL Runner Describe Table	Yes
SQL Runner Show Indexes	Yes
SQL Runner Select 10	Yes
SQL Runner Count	Yes
SQL Explain	Yes
Oauth Credentials	No
Context Comments	Yes
Connection Pooling	Yes
HLL Sketches	No
Aggregate Awareness	Yes
Incremental PDTs	Yes
Milliseconds	Yes
Microseconds	Yes
Materialized Views	No
Approximate Count Distinct	No

Next steps

After completing the database configuration, you can connect to the database from Looker using these directions.