If you’re having trouble connecting AWS Database Migration Service (DMS) Serverless to Redshift Serverless across different Virtual Private Clouds (VPCs), there are a few common areas to check that can help you resolve the issue.
First, review the security group settings for both your DMS Serverless and Redshift Serverless instances. For the DMS security group, ensure outbound rules allow TCP traffic on port 5439 to the Redshift security group and any VPC endpoints involved. If there are restrictions that might block outgoing traffic, you can temporarily allow all outbound traffic (0.0.0.0/0) to test connectivity, then restore the scoped rule once the test is done.
For the Redshift security group, inbound rules should permit TCP traffic on port 5439 from the DMS security group. Also, include rules that allow traffic from any security groups associated with your Redshift-managed VPC endpoints or PrivateLink endpoints.
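The two security group checks above can be run offline against saved `aws ec2 describe-security-groups` output. The following is an added example, not AWS tooling; the group IDs and CIDRs are constructed placeholders, and it assumes rules name the peer either by security group ID or by IPv4 CIDR.

```python
import ipaddress

PORT = 5439  # Redshift port the page says must be open

def allows(perm, peer_sg, peer_cidr):
    """True if one IpPermissions entry permits tcp/5439 for the given peer."""
    proto = perm.get("IpProtocol")
    if proto != "-1":  # "-1" means all protocols and ports
        if proto != "tcp" or not perm.get("FromPort", 0) <= PORT <= perm.get("ToPort", 65535):
            return False
    if any(g.get("GroupId") == peer_sg for g in perm.get("UserIdGroupPairs", [])):
        return True
    peer = ipaddress.ip_network(peer_cidr)
    return any(peer.subnet_of(ipaddress.ip_network(r["CidrIp"]))
               for r in perm.get("IpRanges", []))

def check_path(dms_sg, rs_sg, dms_cidr, rs_cidr):
    """Return (blocking, warnings) for the DMS -> Redshift path on tcp/5439."""
    blocking, warnings = [], []
    egress = dms_sg.get("IpPermissionsEgress", [])
    if not any(allows(p, rs_sg["GroupId"], rs_cidr) for p in egress):
        blocking.append("DMS SG has no egress rule for tcp/5439 to Redshift")
    if not any(allows(p, dms_sg["GroupId"], dms_cidr) for p in rs_sg.get("IpPermissions", [])):
        blocking.append("Redshift SG has no ingress rule for tcp/5439 from DMS")
    # The temporary "allow all outbound" test rule should not stay in place.
    if any(r["CidrIp"] == "0.0.0.0/0" for p in egress for r in p.get("IpRanges", [])):
        warnings.append("DMS SG egress is open to 0.0.0.0/0; scope it after testing")
    return blocking, warnings

# Constructed sample data (IDs and CIDRs are placeholders, not real resources).
DMS_SG = {"GroupId": "sg-dms-example", "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
RS_SG = {"GroupId": "sg-redshift-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}

if __name__ == "__main__":
    blocking, warnings = check_path(DMS_SG, RS_SG, "10.0.1.0/24", "10.1.1.0/24")
    for line in blocking + warnings:
        print(line)
```

In the sample, the Redshift group opens 5432 instead of 5439, so the ingress check fails while the wide-open DMS egress rule is reported only as a warning.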
Next, make sure your VPC endpoint settings are properly configured. Verify that the Redshift-managed endpoint exists in the Redshift console, is linked to the correct VPC, and is located in the same Availability Zones as your VPC peering connection. Proper subnet setup is also key — confirm that your DMS replication subnets include subnets with access to the Redshift cluster, matching the zones used in your VPC peering.
It’s also important to check your network ACLs in both VPCs. These should not block traffic on port 5439, so ensure rules permit inbound and outbound traffic on this port for all relevant subnets.
For the endpoint configuration, use “redshift-serverless” as the engine type when setting up your DMS endpoint. Double-check that the server name follows the correct format: workgroup-name.account-number.aws-region.redshift-serverless.amazonaws.com.
Don’t forget to review IAM permissions. The IAM role used for your DMS tasks needs permissions to access Redshift Serverless resources, including actions like DescribeClusters, ListWorkgroups, and ListNamespaces.
If problems persist, test basic connectivity by connecting from an EC2 instance within the same VPC using tools like psql. Reviewing DMS logs in CloudWatch can reveal specific error messages. AWS provides automation tools, such as the “AWSSupport-TroubleshootDMSEndpointConnection” runbook, which can assist in troubleshooting. Additionally, verify that DNS resolution of the Redshift endpoint is working from your DMS VPC.
By systematically checking these configurations, you should be able to identify where the connection is getting blocked and fix the issue. This process will help ensure a successful connection between your DMS Serverless and Redshift Serverless instances.



