In Redshift console
Start by verifying or modifying the security rules of an instance on VPC:
Note: You must provision the cluster with Publicly Accessible set to the value Yes.
- View the instance in the Redshift Dashboard and click on the Security Group.
- In the Security Group screen, select the Inbound tab.
- There should be rules for the IP addresses listed here. In each rule select the type of database and enter the Redshift port.
- If not, click Edit to change an existing rule or click Add Rule to add the rules.
To configure your cluster to only accept SSL encrypted connections:If you created the cluster with a default parameter group, create a new parameter group and modify the cluster to associate to that parameter group. Then access the parameter group and edit it to set require_ssl to true.
To verify or modify the security rules of an instance on EC2-Classic (without VPC):
In your Redshift Cluster Security Group, modify a rule or add a new rule for each IP address listed here:
- In the Connection Type dropbox, choose CIDR/IP.
- In the CIDR/IP to Authorize field, enter the IP addresses from this list.
Create a Redshift user
- Create a Redshift user.
- Grant it the following permissions:
- If you intend to only append data into a table, give the user minimal permissions required to execute the COPY command.
- If you intend to merge data into a table, give the user minimal permissions required to execute the COPY command, create a table, and insert and update to your target tables.
- Note that truncate requires Xplenty to either be the owner of the target table or have supseruser access .
To define a connection in Xplenty to Amazon Redshift
- Click your avatar, then click Account settings.
- Click Connections, then click new connection and click Amazon Redshift.
- Type a name for the connection.
- If you allow direct access from Xplenty's IP addresses, enter the hostname and port. If direct access it not allowed, read more about setting a tunnel connection here.
- Enter the user name and password you created for Xplenty to use.
- Enter the default database to use. If you leave it empty, the user's defult database will be used.
- Set the region to the AWS region in which the Redshift cluster was created. If the region requires AWS Signature v4 (see list here) you may need our support team's help with allowing Xplenty access to read from this Amazon Redshift connection.
- Click test connection. If the credentials are correct, a message that the cloud storage connection test was successful appears.
- Click create amazon s3 connection.
- The connection is created and appears in the list of connections.