To use dbt Cloud’s multi-tenant SaaS service with your Amazon Redshift database, the service will need access to your cluster. One way to achieve this is through firewall rules that allow traffic through dbt Cloud’s multi-tenant published IPs (22.214.171.124, 126.96.36.199, 188.8.131.52)
I used netcat to run this command:
$ nc -vz [your redshift endpoint].redshift.amazonaws.com 5439
The result was
Operation timed out - in other words, I can’t access the server from my machine.
From the AWS Console navigate to Amazon Redshift > Clusters > Your Cluster
Choose to Enable on a Elastic IP address.
Note: at this stage your cluster is available to the open internet, confirm this by running netcat command again, noting that it doesn’t fail
Under Cluster Properties find the Network and Security Settings section and follow the link to the VPC security group
Find the Inbound Rules and Edit them
Add three new inbound rules of type
Redshiftwith the IP addresses from this page the format is
Save Rules, test again from your local network with netcat, (which should once again be unavailable to your IP), but available to connect via dbt Cloud!
Note: The “All Traffic” rule can continue to allow all traffic, the Redshift rules will supersede for Redshift traffic