I can't connect to my Amazon Redshift cluster
Last updated: 2021-07-26
I'm having trouble connecting to my Amazon Redshift cluster. How do I troubleshoot this?
Short description
To connect to your Amazon Redshift cluster, check the following:
- If your Amazon Redshift cluster is in a public subnet and you want to access it over the internet, then set Publicly accessible to Yes.
- If your Amazon Redshift cluster is in a private subnet, then use a NAT gateway in the public subnet to access the internet. A cluster in a private subnet can connect to the internet using the NAT gateway, but the internet can't initiate a connection to the cluster.
- To enable your Amazon Redshift cluster to communicate with resources that are in a different virtual private cloud (VPC) account, create a VPC peering connection.
Resolution
My cluster is in a public subnet, but I can't connect to it over the internet from my local computer
Note: Before completing the steps below, make sure that your VPC has an internet gateway attached to it.
1. Open the Amazon Redshift console.
2. Choose Clusters.
3. Select the cluster to which you are trying to connect.
4. Choose Actions.
5. Choose Modify publicly accessible setting.
6. For Allow instances and devices outside the VPC to connect to your database through the cluster endpoint, choose edit publicly accessible.
7. Choose Enable.
8. (Optional) Select your Elastic IP address.
9. Choose Confirm to save your changes.
My cluster is in a private subnet, and I can't connect to it from my local computer
Your cluster must be in a public subnet for it to connect to a local machine.
To access a cluster from a local machine, perform the following steps:
1. Open the Amazon Redshift console.
2. Choose Clusters.
3. Select the cluster to which you are trying to connect.
4. Choose the Configuration tab to open the Cluster Properties page.
5. Choose View VPCs to open the Amazon VPC console.
6. In the navigation pane, choose Route Tables.
7. Select the route table that is associated with the subnet where your cluster resides.
8. Choose Edit.
9. Choose Add route.
For IPv4 traffic, enter "0.0.0.0/0" in the Destination field, and then select the internet gateway ID for the Target field.
For IPv6 traffic, enter "::/0" in the Destination field, and then select the internet gateway ID for the Target field.
10. Choose Save.
My cluster can't be accessed by an Amazon Elastic Compute Cloud (Amazon EC2) instance that is in a different VPC
Create a VPC peering connection between the VPCs. A VPC peering connection allows two VPCs to communicate with each other using private IP addresses.
1. Follow the steps for Creating and accepting a VPC peering connection.
Note: If the VPCs are in the same AWS account, make sure that the IPv4 CIDR blocks don't overlap.
3. Update your security groups to reference peer VPC groups.
4. On the EC2 instance, test the VPC peering connection using a networking utility (such as netcat). For example:
nc -zv <hostname> <port>If the VPC peering connection is successful, then the output will look like this:
$ nc -zv example.123456789.us-east-1.redshift.amazonaws.com 5439
found 0 associations
found 1 connections:
1: flags=82<CONNECTED,PREFERRED>
outif en0
src xx.xxx.xxx.xx port 53396
dst xx.xxx.xxx.xxx port 5439
rank info not available
TCP aux info available
Connection to example.123456789.us-east-1.redshift.amazonaws.com port 5439 [tcp/*] succeeded!Related information
Did this article help?
Do you need billing or technical support?