Why can't I connect to my Amazon Redshift cluster?


I have an Amazon Redshift cluster, but I can't connect to it. I want to know how to resolve this issue.

Short description

Connection problems with Amazon Redshift clusters often appear as a connection timeout error. You receive an error message that's similar to the following one:

"could not connect to server: Connection timed out
Is the server running on host "example.123456789.us-east-1.redshift.amazonaws.com" (255.255.255.255) and accepting
TCP/IP connections on port 5439?"

To resolve this issue, complete the following troubleshooting steps for a cluster that's in a public or private subnet.

Resolution

My cluster is in a public subnet but it isn't accessible from the internet

A Redshift cluster is accessible from the internet when the following criteria are met:

  • You turned on the Publicly accessible cluster setting.
  • You provisioned the cluster in a public subnet.
  • The cluster's security group contains an inbound rule that allows connections from the source IP address or CIDR block to the cluster's port number.

Note: Before you complete the following steps, make sure that your Amazon Virtual Private Cloud (VPC) has an internet gateway attached to it.

Turn on the Publicly accessible setting in your cluster:

  1. Open the Amazon Redshift console.
  2. Choose Clusters.
  3. Select the cluster that you want to connect to.
  4. Choose Actions.
  5. Choose Modify publicly accessible setting.
  6. Check the box for Turn on Publicly accessible.
  7. (Optional) Select your Elastic IP address.
  8. Choose Save Changes.
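
The three criteria listed at the start of this section, together with the internet gateway route from the note, can be checked in one pass. The following Python function is an added example (not AWS code) that evaluates JSON shaped like the output of `aws redshift describe-clusters`, `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups`; the sample data, the placeholder IDs and the function name `diagnose` are constructed for illustration.

```python
import ipaddress

# Constructed sample data shaped like AWS CLI describe-* output (placeholder IDs).
CLUSTER = {"PubliclyAccessible": False, "Endpoint": {"Port": 5439},
           "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-EXAMPLE"}]}
ROUTE_TABLE = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}]}
SECURITY_GROUPS = [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5439, "ToPort": 5439,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]}]

def diagnose(cluster, route_table, security_groups, client_ip):
    """Return the unmet criteria for reaching the cluster from client_ip."""
    client = ipaddress.ip_address(client_ip)
    port = cluster["Endpoint"]["Port"]
    problems = []
    def covers(cidr):
        if not cidr:
            return False
        net = ipaddress.ip_network(cidr, strict=False)
        return net.version == client.version and client in net

    # Criterion 1: the Publicly accessible setting is turned on.
    if not cluster.get("PubliclyAccessible"):
        problems.append("Publicly accessible setting is off")
    # Criterion 2: the subnet's route table sends the client's traffic to an igw.
    if not any((r.get("GatewayId") or "").startswith("igw-")
               and covers(r.get("DestinationCidrBlock")
                          or r.get("DestinationIpv6CidrBlock"))
               for r in route_table["Routes"]):
        problems.append("no internet gateway route covers the client")
    # Criterion 3: an attached security group allows the client on the port.
    def allows(perm):
        if perm["IpProtocol"] == "tcp":
            if not perm["FromPort"] <= port <= perm["ToPort"]:
                return False
        elif perm["IpProtocol"] != "-1":  # "-1" means all protocols and ports
            return False
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        return any(covers(c) for c in cidrs)

    attached = {g["VpcSecurityGroupId"] for g in cluster["VpcSecurityGroups"]}
    if not any(allows(p) for g in security_groups if g["GroupId"] in attached
               for p in g["IpPermissions"]):
        problems.append(f"no inbound rule allows the client on port {port}")
    return problems

print(diagnose(CLUSTER, ROUTE_TABLE, SECURITY_GROUPS, "198.51.100.7"))
```

An empty list means all criteria are met for that client address, so a remaining timeout points elsewhere, for example at a network ACL or a local firewall.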

My cluster is in a private subnet, and I can't connect to it from my local computer

You have two options to connect to your cluster from a local machine:

  • Make the cluster's subnet public.
  • Use the Amazon Redshift Query Editor v2.

Make the cluster's subnet public

Complete the following steps:

  1. Open the Amazon Redshift console.
  2. Choose Clusters.
  3. Select the cluster that you want to connect to.
  4. Choose the Configuration tab to open the Cluster Properties page.
  5. Choose View VPCs to open the Amazon VPC console.
  6. In the navigation pane, choose Route Tables.
  7. Select the route table that's associated with the subnet where your cluster is.
  8. Choose Edit.
  9. Choose Add route.
    For IPv4 traffic: In the Destination field, enter the CIDR range that you want to provide access to. In the Target field, select the internet gateway ID.
    For IPv6 traffic: In the Destination field, enter ::/0. In the Target field, select the internet gateway ID.
  10. Choose Save.

Use the Amazon Redshift Query Editor v2

To connect to your Redshift cluster without changing your network settings, use the Query Editor v2. Follow the directions in Connecting to an Amazon Redshift database.

I can't access my cluster from an Amazon EC2 instance that's in a different VPC

Create a VPC peering connection between the VPCs. This allows two VPCs to communicate with each other through private IP addresses.

  1. Follow the steps for Creating and accepting a VPC peering connection.
    Note: If the VPCs are in the same AWS account, then make sure that the IPv4 CIDR blocks don't overlap.

  2. Update both route tables.

  3. Update your security groups to reference peer VPC groups.

  4. On the Amazon Elastic Compute Cloud (Amazon EC2) instance, test the VPC peering connection with a networking utility. The following example uses netcat (available on the SourceForge website):

    nc -zv HOSTNAME PORT

    If the VPC peering connection is successful, then you receive an output that's similar to the following example:

    $ nc -zv example.123456789.us-east-1.redshift.amazonaws.com 5439  
    found 0 associations  
    found 1 connections:  
         1:    flags=82<CONNECTED,PREFERRED>  
        outif en0  
        src xx.xxx.xxx.xx port 53396  
        dst xx.xxx.xxx.xxx port 5439  
        rank info not available  
        TCP aux info available  
      
    Connection to example.123456789.us-east-1.redshift.amazonaws.com port 5439 [tcp/*] succeeded!

Related information

Authorize access to the cluster

Managing clusters in a VPC

Work with VPC peering connections

Work with route tables

AWS OFFICIAL
Updated 8 months ago