• Prerequisites
  • Whitelist CData IPs
  • Ensure Amazon Redshift Is Publicly Accessible
• Setup Guide
• Authentication Methods
  • Basic
  • ADFS
  • IAMCredentials
  • PingFederate
  • AzureAD
• More Information

Prerequisites

Whitelist CData IPs

To establish a connection to Amazon Redshift, you need to allow access to Amazon Redshift via CData’s IP. When hosting Amazon Redshift behind a firewall, you must safelist these IP addresses in your firewall.

• Range: 52.224.0.160 to 52.224.0.175

• CIDR notation: 52.224.0.160/28

Ensure Amazon Redshift Is Publicly Accessible

Provide a public facing IP/domain to connect to this data source. The following private IP ranges do not work:

• 10.0.0.0 to 10.255.255.255

• 172.16.0.0 to 172.31.255.255

• 192.168.0.0 to 192.168.255.255

• 127.0.0.1 (aka ‘localhost’)

Setup Guide

Follow these steps to connect Amazon Redshift to your CData Connect Cloud account:

1. Open the Connections page of the CData Connect Cloud dashboard.

2. Click + Add Connection in the upper-right corner.

3. Type Amazon Redshift into the search field, then click the data source name.

4. On the Basic Settings tab of the new connection, enter a connection name or keep the default name.

5. Enter the the host name or IP address of the Amazon Redshift cluster into the Server field.

6. Enter the Amazon Redshift Database.

7. Select the Authentication method, then proceed to the relevant section and follow those instructions.

Authentication Methods

Basic

1. Enter the Amazon Redshift username for authentication in the User field.

2. Enter the user password.

3. Enter the port for connecting to the Amazon Redshift server in the Port field.

4. Enter the AWS Principal ARN to use during authentication if you have multiple Identity Providers in your AWS account.

5. In Amazon Redshift, add the CData Connect Cloud static IP addresses to your connection whitelist.

6. At the top of the CData Connect Cloud Add Amazon Redshift Connection page, click Save & Test.

   • If the connection test succeeds, a message indicates that your connection has been created. The Status on the Edit Connection page also changes to Authenticated.

   • If the connection test fails, ensure that you entered your login information correctly with no stray spaces or other characters. CData Connect Cloud displays error messages under the required fields with missing data. Some data sources require that you sign in directly to the source website. If you did not, an error message appears under the Sign in button. Correct the errors and try again.

   • Unsuccessful connections are saved as drafts and have a Status of Not Authenticated. You can return to the connection and authenticate it later.

ADFS

1. Enter the Amazon Redshift username for authentication in the User field.

2. Enter the user password.

3. Enter the SSO Login URL.

4. Enter all relevant SSO Properties, with the format ‘ssoproperty1=value1;sooproperty2=value2;sooproperty3=value3;’. Make sure to separate all property-value pairs with semicolons.

5. Enter the port for connecting to the Amazon Redshift server in the Port field.

6. Enter the AWS Principal ARN to use during authentication if you have multiple Identity Providers in your AWS account.

7. In Amazon Redshift, add the CData Connect Cloud static IP addresses to your connection whitelist.

8. At the top of the CData Connect Cloud Add Amazon Redshift Connection page, click Save & Test.

   • If the connection test succeeds, a message indicates that your connection has been created. The Status on the Edit Connection page also changes to Authenticated.

   • If the connection test fails, ensure that you entered your login information correctly with no stray spaces or other characters. CData Connect Cloud displays error messages under the required fields with missing data. Some data sources require that you sign in directly to the source website. If you did not, an error message appears under the Sign in button. Correct the errors and try again.

   • Unsuccessful connections are saved as drafts and have a Status of Not Authenticated. You can return to the connection and authenticate it later.

IAMCredentials

1. Enter the Amazon Redshift username for authentication in the User field.

2. Enter your AWS Access Key.

3. Enter your AWS Secret Key.

4. Enter the port for connecting to the Amazon Redshift server in the Port field.

5. Enter the AWS Principal ARN to use during authentication if you have multiple Identity Providers in your AWS account.

6. In Amazon Redshift, add the CData Connect Cloud static IP addresses to your connection whitelist.

7. At the top of the CData Connect Cloud Add Amazon Redshift Connection page, click Save & Test.

   • If the connection test succeeds, a message indicates that your connection has been created. The Status on the Edit Connection page also changes to Authenticated.

   • If the connection test fails, ensure that you entered your login information correctly with no stray spaces or other characters. CData Connect Cloud displays error messages under the required fields with missing data. Some data sources require that you sign in directly to the source website. If you did not, an error message appears under the Sign in button. Correct the errors and try again.

   • Unsuccessful connections are saved as drafts and have a Status of Not Authenticated. You can return to the connection and authenticate it later.

PingFederate

1. Enter the Amazon Redshift username for authentication in the User field.

2. Enter the user password.

3. Enter the SSO Login URL.

4. Enter the SSO Properties, with the format ‘ssoproperty1=value1;sooproperty2=value2;sooproperty3=value3;’. Make sure to separate all property-value pairs with semicolons.

5. Add the SSO Exchange URL.

6. Enter the port for connecting to the Amazon Redshift server in the Port field.

7. Enter the AWS Principal ARN to use during authentication if you have multiple Identity Providers in your AWS account.

8. In Amazon Redshift, add the CData Connect Cloud static IP addresses to your connection whitelist.

9. At the top of the CData Connect Cloud Add Amazon Redshift Connection page, click Save & Test.

   • If the connection test succeeds, a message indicates that your connection has been created. The Status on the Edit Connection page also changes to Authenticated.

   • If the connection test fails, ensure that you entered your login information correctly with no stray spaces or other characters. CData Connect Cloud displays error messages under the required fields with missing data. Some data sources require that you sign in directly to the source website. If you did not, an error message appears under the Sign in button. Correct the errors and try again.

   • Unsuccessful connections are saved as drafts and have a Status of Not Authenticated. You can return to the connection and authenticate it later.

AzureAD

1. Enter the Amazon Redshift username for authentication in the User field.

2. Enter the Azure Tenant Id to connect to.

3. Enter the SSO Login URL.

4. Enter the OAuth Client Id found in the Overview page of your Amazon Redshift application settings.

5. Enter your OAuth Client Secret.

6. Enter the Scope. For v1.0 OAuth tokens, this matches the Scopes field in the Expose of an API page of your OAuth app. For v2.0 OAuth tokens, it is the same as the app’s Client Id.

7. Enter the port for connecting to the Amazon Redshift server in the Port field.

8. Enter the AWS Principal ARN to use during authentication if you have multiple Identity Providers in your AWS account.

9. Click Sign in to connect securely through OAuth. This action opens the Amazon Redshift sign-in page in a new tab.

10. Log in to your Amazon Redshift account and provide the requested permissions (if applicable).

11. In Amazon Redshift, add the CData Connect Cloud static IP addresses to your connection whitelist.

12. At the top of the CData Connect Cloud Add Amazon Redshift Connection page, click Save & Test.

    • If the connection test succeeds, a message indicates that your connection has been created. The Status on the Edit Connection page also changes to Authenticated.

    • If the connection test fails, ensure that you entered your login information correctly with no stray spaces or other characters. CData Connect Cloud displays error messages under the required fields with missing data. Some data sources require that you sign in directly to the source website. If you did not, an error message appears under the Sign in button. Correct the errors and try again.

    • Unsuccessful connections are saved as drafts and have a Status of Not Authenticated. You can return to the connection and authenticate it later.

More Information

For more information about interactions between CData Connect Cloud and Amazon Redshift, see this information page.