diff --git a/docs/permissions/data.md b/docs/permissions/data.md
index 697dace038493db81e31f1337222fc67d1dfe290..564a4158282cf4f099def67fa5a63164cc5440a2 100644
--- a/docs/permissions/data.md
+++ b/docs/permissions/data.md
@@ -61,7 +61,7 @@ Note that [Block](#block-access) access is unavailable for individual tables/sch
 
 {% include plans-blockquote.html feature="Impersonation access" %}
 
-> For now, impersonation access is only available for PostgreSQL, and Snowflake.
+> For now, impersonation access is only available for PostgreSQL, Redshift, and Snowflake.
 
 **Impersonation access** allows you to associate user attributes with database-defined roles and their privileges. Metabase queries made by people with attributes that you define will respect the grants given to the database roles.
 
@@ -75,13 +75,16 @@ Connection impersonation does not apply to users in the Metabase admins group, a
 
 ### Setting up connection impersonation
 
+> **For impersonation to work for Redshift databases, the user account Metabase uses to [connect to your Redshift database](../databases/connections/redshift.md) must be a superuser, as Metabase will need to be able to run the [SET SESSION AUTHORIZATION](https://docs.aws.amazon.com/redshift/latest/dg/r_SET_SESSION_AUTHORIZATION) command, which can only be run by a database superuser.
+
 **In your database:**
 
-- Create a new role.
+- Create a new role (in Redshift, this would be a new user).
 - Grant that role privileges.
 
 For exactly how to create a new role in your database and grant that role privileges, you'll need to consult your database's documentation. We also have some docs on [users, roles, and privileges](../databases/users-roles-privileges.md) that can help you get started.
 
+
 **In your Metabase:**
 
 - Create a [new group](../people-and-groups/managing.md#groups), or select an existing group.