Start by verifying or modifying the security rules of an instance on VPC:
Note: You must provision the cluster with Publicly Accessible set to the value Yes.
- View the instance in the Redshift Dashboard and click on the Security Group.
- In the Security Group screen, select the Inbound tab.
- There should be rules for the IP addresses listed here. In each rule select the type of database and enter the Redshift port.
- If not, click Edit to change an existing rule or click Add Rule to add the rules.
If you created the cluster with a default parameter group, create a new parameter group and modify the cluster to associate to that parameter group. Then access the parameter group and edit it to set require_ssl to true.
To verify or modify the security rules of an instance on EC2-Classic (without VPC):
In your Redshift Cluster Security Group, modify a rule or add a new rule for each IP address listed here:
- In the Connection Type dropbox, choose CIDR/IP.
- In the CIDR/IP to Authorize field, enter the IP addresses from this list.
Create a Redshift user and grant it the following permissions:
- If you intend to only append data into a table, give the user minimal permissions required to execute the COPY command.
- If you intend to merge data into a table, give the user minimal permissions required to execute the COPY command, create a table, and insert and update to your target tables.