Redshift is a petabyte data warehouse provided by AWS cloud. If you have created Redshift cluster by default it will be publicly accessible. Amazon has taken a lot of measure to secure Redshift cluster from unforeseen events such as unauthorized access from the network. In this article, we will discuss common Redshift connection issues, causes and resolution.
Redshift Connection Issues
Accessing redshift from EC2 instance is easy as you don’t have to take any security measures as EC2 instance is also created in the AWS cloud. But if you are connecting to the Redshift cluster from your local system then, probably you have to take care of some security exception stuffs.
Below are the most common connection issue that you may face while connecting to Redshift cluster:
- “Failed to establish a connection to ‘endpoint‘.”
- “Could not connect to server: Connection timed out. Is the server running on host ‘endpoint‘ and accepting TCP/IP connections on port ‘port‘?”
- “Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.”
Redshift Connection Issues Resolution
Generally, above errors are due to cluster permission issues. When you receive an error message indicating that there is a failure to establish a connection, it is an issue with permission to access the cluster. The issue may occur when you try to connect from a postgreSQL psql client or any third party tools like Aginity Pro.
If you attempt to connect to the cluster from a client tool (such as psql, SQL workbench, Aginity pro) outside of the network that the Redshift cluster is in, you must add an ingress rule to the cluster security group for the CIDR/IP that you are connecting from:
I was attempting to connect to the Redshift cluster from my local machine using psql and Aginity pro. I got to know I should explicitly add my local IP/CIDR to the inbound rules for security group.
You can find the security group menu in the AWS console at Services>VPC>Security Groups. Then click to your security group, and you should see the inbound rules tab at the bottom of the page next to description tab.
Note that, when you add new rule you should choose My IP in the source drop down list to automatically choose your local IP/CIDR.
Related Articles,
Hope this helps 🙂