VPC Configuration

  1. Open the EC2 > Security Groups console in AWS.

  2. Search for Security Groups under Network & Security.

  3. Locate the default Security Group that was automatically assigned during the Redshift configuration and click on it.

  4. Edit the inbound rules of this security group.

  5. Add a new inbound rule to allow traffic from your region’s IP range.

    • Find out the IP for your region from the table below:

      Please check out this documentation for the latest version: VPC access to an Amazon Redshift provisioned cluster or Amazon Redshift Serverless workgroup

      RegionCIDR blocksRegionCIDR blocks
      US East (Ohio)13.58.135.96/27Asia Pacific (Thailand)43.208.112.96/27
      US East (N. Virginia)52.70.63.192/27China (Beijing)52.81.151.32/27
      US West (N. California)13.57.135.192/27China (Ningxia)161.189.23.64/27
      US West (Oregon)52.89.255.224/27Europe (Zurich)16.62.183.32/27
      AWS GovCloud (US-East)18.253.138.96/27Europe (Frankfurt)35.158.127.160/27
      AWS GovCloud (US-West)52.61.204.160/27Europe (Ireland)52.19.239.192/27
      Canada (Central)35.183.92.128/27Europe (London)18.130.1.96/27
      Canada West (Calgary)40.176.98.192/27Europe (Paris)35.180.1.96/27
      Asia Pacific (Hong Kong)18.162.221.32/27Europe (Stockholm)13.53.63.224/27
      Asia Pacific (Mumbai)13.232.67.32/27Middle East (Bahrain)15.185.91.0/27
      Asia Pacific (Hyderabad)18.60.192.128/27Mexico (Central)78.12.207.32/27
      Asia Pacific (Seoul)13.209.1.64/27South America (São Paulo)18.228.1.128/27
      Asia Pacific (Singapore)13.228.64.192/27Europe (Milan)15.161.135.128/27
      Asia Pacific (Sydney)13.210.67.224/27Africa (Cape Town)13.244.121.224/27
      Asia Pacific (Jakarta)108.136.221.64/27Middle East (UAE)3.28.159.32/27
      Asia Pacific (Tokyo)13.113.196.224/27Asia Pacific (Melbourne)16.50.161.128/27
      Asia Pacific (Osaka)13.208.177.192/27Asia Pacific (Malaysia)43.216.58.0/27
    • Example for Stockholm region:

      13.53.63.224/27
      
  6. Set the Type to Redshift, and the Port Range should default to 5439 (the default Redshift port).

    • This step is required to allow Kinesis Firehose to reach your Redshift cluster. If omitted, data will not be delivered.
  7. Click Save Changes.