When you use Amazon Redshift enhanced VPC routing, Amazon Redshift forces all COPY and UNLOAD traffic between your cluster and your data repositories through your virtual private cloud (VPC) based on the Amazon VPC service. By using enhanced VPC routing, you can use standard VPC features, such as VPC security groups, network access control lists (ACLs), VPC endpoints, VPC endpoint policies, internet gateways, and Domain Name System (DNS) servers, as described in the Amazon VPC User Guide. You use these features to tightly manage the flow of data between your Amazon Redshift cluster and other resources. When you use enhanced VPC routing to route traffic through your VPC, you can also use VPC flow logs to monitor COPY and UNLOAD traffic.

Amazon Redshift clusters and Amazon Redshift Serverless workgroups support enhanced VPC routing. You can't use enhanced VPC routing with Redshift Spectrum. For more information, see Redshift Spectrum and enhanced VPC routing.

If enhanced VPC routing is not turned on, Amazon Redshift routes traffic through the internet, including traffic to other services within the AWS network.

Because enhanced VPC routing affects the way that Amazon Redshift accesses other resources, COPY and UNLOAD commands might fail unless you configure your VPC correctly. You must specifically create a network path between your cluster's VPC and your data resources, as described following.

When you run a COPY or UNLOAD command on a cluster with enhanced VPC routing turned on, your VPC routes the traffic to the specified resource using the strictest, or most specific, network path available.

For example, you can configure the following pathways in your VPC:

**VPC endpoints** – For traffic to an Amazon S3 bucket in the same AWS Region as your cluster, you can create a VPC endpoint to direct traffic directly to the bucket. When you use VPC endpoints, you can attach an endpoint policy to manage access to Amazon S3. For more information about using endpoints with Amazon Redshift, see Working with VPC endpoints. If you use Lake Formation, you can find more information about establishing a private connection between your VPC and AWS Lake Formation at AWS Lake Formation and interface VPC endpoints (AWS PrivateLink).

**NAT gateway** – You can connect to an Amazon S3 bucket in another AWS Region, and you can connect to another service within the AWS network. You can also access a host instance outside the AWS network. To do so, configure a network address translation (NAT) gateway, as described in the Amazon VPC User Guide.

**Internet gateway** – To connect to AWS services outside your VPC, you can attach an internet gateway to your VPC subnet, as described in the Amazon VPC User Guide.
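
The "most specific network path" rule can be checked offline before a COPY or UNLOAD is run. The following is an added example, not code from the AWS documentation: it models a subnet route table with longest-prefix matching, which is how VPC route tables select a route, and reports whether a destination address would leave through the VPC endpoint, the NAT gateway, or no path at all. The route table, the prefix-list CIDRs (documentation ranges) and all resource IDs are constructed placeholders.

```python
import ipaddress

# Constructed sample data: documentation-range CIDRs stand in for the
# Region's S3 prefix list, and all resource IDs are placeholders.
S3_PREFIX_LIST = {"pl-EXAMPLE": ["198.51.100.0/24", "203.0.113.0/25"]}

ROUTE_TABLE = [
    {"dest": "10.0.0.0/16", "target": "local"},
    {"dest": "pl-EXAMPLE", "target": "vpce-EXAMPLE"},  # S3 gateway endpoint
    {"dest": "0.0.0.0/0", "target": "nat-EXAMPLE"},    # NAT gateway
]


def expand(routes, prefix_lists):
    """Flatten prefix-list routes into (network, target) pairs."""
    flat = []
    for r in routes:
        cidrs = prefix_lists.get(r["dest"], [r["dest"]])
        flat.extend((ipaddress.ip_network(c), r["target"]) for c in cidrs)
    return flat


def select_route(dest_ip, routes, prefix_lists):
    """Return the target of the most specific route matching dest_ip, or None."""
    ip = ipaddress.ip_address(dest_ip)
    matches = [(net, tgt) for net, tgt in expand(routes, prefix_lists) if ip in net]
    if not matches:
        return None  # no network path: COPY/UNLOAD would fail
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def path_kind(target):
    """Classify a route target by the pathway names used on this page."""
    if target is None:
        return "no path"
    prefix = target.split("-")[0]
    return {"vpce": "VPC endpoint", "nat": "NAT gateway",
            "igw": "internet gateway", "local": "local"}.get(prefix, "other")


if __name__ == "__main__":
    # One address inside the prefix list, one outside it, one inside the VPC.
    for ip in ("198.51.100.20", "192.0.2.10", "10.0.3.4"):
        tgt = select_route(ip, ROUTE_TABLE, S3_PREFIX_LIST)
        print(f"{ip:15} -> {tgt} ({path_kind(tgt)})")
```

A destination that resolves to the NAT or internet gateway is traffic that bypasses the endpoint policy, so it is the case worth flagging in a review.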