Inbound firewall access allows Cloud Pak for Data as a Service to connect to Redshift on AWS through the firewall. You need inbound firewall access to work with your data stored in Redshift.

To connect to Redshift from Cloud Pak for Data as a Service, you configure inbound access through the Redshift firewall by entering the IP ranges for Cloud Pak for Data as a Service into the inbound firewall rules (also called ingress rules). Inbound access through the firewall is configurable if Redshift resides on a public subnet. If Redshift resides on a private subnet, then no access is possible.

Follow these steps to configure inbound firewall access to AWS Redshift:

1. Go to your provisioned Amazon Redshift cluster.

2. Select Properties and then scroll down to Network and security settings.

3. Click the VPC security group.

   

4. Edit the active/default security group.

   

5. Under Inbound rules, change the port range to 5439 to specify the Redshift port. Then select Edit inbound rules > Add rule.

   

6. From Cloud Pak for Data as a Service, go to the Administration > Cloud integrations page.

7. Click the Firewall configuration link to view the list of IP ranges used by Cloud Pak for Data as a Service. IP addresses can be viewed in either CIDR notation or as Start and End addresses.

8. Copy each of the IP ranges listed and paste them into the Source field for inbound firewall rules.