1 Answer
Hello, I understand that you are unable to connect to Redshift (VPC-A) from MWAA (VPC-B).
The issue might be related to the networking configuration between the MWAA Airflow instance and the Redshift Cluster.
- Verify security group rules.
- If your MWAA subnets are using a NAT gateway, you can add an EIP to the NAT gateway, and a similar EIP can be allowed on the Redshift security group.
- Work with NAT gateways - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with (Step 7)
Since your Redshift server is publicly accessible, you need to allow the Elastic IP of the NAT gateways (configured in MWAA) in the inbound rules of the Redshift security group.
Also, make sure to create a new NAT gateway if the previous NAT gateway does not have an EIP attached.
In order to get proper resolution for your use case we require details that are non-public information. Please open a support case with AWS using the following link. https://console.aws.amazon.com/support/home#/case/create
Thank you for the reply. Providing additional clarification.
MWAA's VPC has 4 subnets: 2 public and 2 private. The 2 private subnets have NAT gateways with EIPs attached to them. I already added those EIPs to Redshift's security group. In turn, the 2 public subnets use an internet gateway, which does not have EIPs.
Since adding the NAT EIPs didn't help, my guess is that the request is coming from MWAA's public subnets. And the IP of those public subnets is unknown.
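One way to run the check the answer describes, each NAT gateway EIP against the Redshift security group's inbound rules on the cluster port, as an added example that is not part of the original thread. The sample data is constructed and shaped like the EC2 DescribeNatGateways and DescribeSecurityGroups responses; port 5439 and all IDs and addresses are assumptions.

```python
import ipaddress

REDSHIFT_PORT = 5439  # assumed: Redshift's default port; change if the cluster differs

# Constructed sample data (documentation address range, made-up IDs).
NAT_GATEWAYS = [
    {"NatGatewayId": "nat-aaaa", "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]},
    {"NatGatewayId": "nat-bbbb", "NatGatewayAddresses": [{"PublicIp": "203.0.113.20"}]},
]
REDSHIFT_SG = {
    "GroupId": "sg-redshift",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5439, "ToPort": 5439,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
        # Right address, wrong port: this rule does not admit Redshift traffic.
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "203.0.113.20/32"}]},
    ],
}

def rule_covers_port(perm, port):
    """True if an inbound permission admits TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":          # "all traffic" rules carry no port range
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit(sg, nat_gateways, port=REDSHIFT_PORT):
    """Report which NAT gateway public IPs the group admits on `port`."""
    cidrs = [ipaddress.ip_network(r["CidrIp"], strict=False)
             for perm in sg["IpPermissions"] if rule_covers_port(perm, port)
             for r in perm.get("IpRanges", [])]
    report = {"allowed": [], "missing": [],
              # A /0 rule hides a missing EIP and exposes the cluster port broadly.
              "open_to_world": any(c.prefixlen == 0 for c in cidrs)}
    for gw in nat_gateways:
        for addr in gw.get("NatGatewayAddresses", []):
            ip = addr.get("PublicIp")
            if ip is None:     # private NAT gateways have no public IP
                continue
            hit = any(ipaddress.ip_address(ip) in c for c in cidrs)
            report["allowed" if hit else "missing"].append((gw["NatGatewayId"], ip))
    return report

if __name__ == "__main__":
    print(audit(REDSHIFT_SG, NAT_GATEWAYS))
```

With live data, the same dictionaries come from boto3's `describe_nat_gateways` and `describe_security_groups` calls on the EC2 client.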