How do I change an Amazon Redshift cluster from private to publicly accessible?

Follow the steps for Modifying a Cluster. In the Modify Cluster window, change Publicly accessible to Yes. Confirm the change by checking the Publicly accessible parameter in Cluster Database Properties on the Configuration tab.

If you still can't connect to the cluster from the internet or a different network, check the following settings.

Security group

  1. Open the Amazon Redshift console, and then choose the details page icon next to the cluster.
  2. Locate VPC ID in the Cluster Properties section, and then choose View VPCs to open the Amazon VPC console.
  3. Choose Security Groups in the navigation pane.
  4. Select the security group associated with the VPC that your Amazon Redshift cluster is in.
  5. On the Inbound Rules tab, be sure that your IP address and the port of your Amazon Redshift cluster are allowed. The default port for Amazon Redshift is 5439, but your port might be different. Note: Although security groups are stateful, it’s a best practice to be sure that the Outbound Rules allow outbound communications. By default, a security group includes an outbound rule that allows all outbound traffic. For more information, see Security Group Basics.

VPC network access control list (network ACL)

Unlike security groups, network ACLs are stateless, which means that you must configure both inbound and outbound rules. Be sure that your IP address and the port of your Amazon Redshift cluster are allowed in the inbound and outbound rules for the VPC network ACL. For more information, see Adding and Deleting Rules.

VPC route table

To connect to a publicly accessible cluster from the public internet, an internet gateway must be attached to the route table associated with the VPC that your cluster is in. Verify route table settings on the Amazon VPC console. For more information, see Enabling Internet Access.

If you don’t want to make the subnet publicly accessible because of other resources that are in that subnet, use a snapshot to restore the cluster into a public subnet.

You should now be able to access the cluster from the public internet. If you're still having connection problems, use network diagnostic tools such as Telnet and tcpdump for additional troubleshooting.


Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2018-07-23