Network ACL Settings
Vertica requires the following basic network access control list (ACL) settings on an AWS instance running the Vertica AMI. OpenText recommends that you secure your network with additional ACL settings that are appropriate to your situation; the default ACL does not provide a high level of security.
Inbound Rules
Type | Protocol | Port Range | Use | Source | Allow/Deny |
---|---|---|---|---|---|
SSH | TCP (6) | 22 | SSH (Optional -- for access to your cluster from outside your VPC) | User Specific | Allow |
Custom TCP Rule | TCP (6) | 5450 | MC (Optional -- for MC running outside of your VPC) | User Specific | Allow |
Custom TCP Rule | TCP (6) | 5433 | SQL Clients (Optional -- for access to your cluster from SQL clients) | User Specific | Allow |
Custom TCP Rule | TCP (6) | 50000 | Rsync (Optional -- for backup outside of your VPC) | User Specific | Allow |
Custom TCP Rule | TCP (6) | 1024-65535 | Ephemeral Ports (Needed if you use any of the above) | User Specific | Allow |
ALL Traffic | ALL | ALL | N/A | 0.0.0.0/0 | Deny |
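How the inbound rules above combine, as an added example that is not part of the Vertica documentation: AWS evaluates network ACL entries in ascending rule-number order and applies the first match, and the ephemeral range 1024-65535 also contains ports 5450, 5433 and 50000, so the source on the ephemeral rule decides who can reach those services. The rule numbers, the `USER_CIDR` placeholder for "User Specific", the probe addresses and the function names are all assumptions made for this sketch.

```python
import ipaddress

# Constructed stand-in for the table's "User Specific" source (RFC 5737 documentation range).
USER_CIDR = "203.0.113.0/24"

def table_rules(ephemeral_source=USER_CIDR):
    """Inbound table as (rule number, first port, last port, source, action).
    Rule numbers are assumptions; the page does not give any."""
    return [
        (100, 22, 22, USER_CIDR, "allow"),              # SSH
        (110, 5450, 5450, USER_CIDR, "allow"),          # MC
        (120, 5433, 5433, USER_CIDR, "allow"),          # SQL clients
        (130, 50000, 50000, USER_CIDR, "allow"),        # Rsync
        (140, 1024, 65535, ephemeral_source, "allow"),  # Ephemeral ports
        (32766, 0, 65535, "0.0.0.0/0", "deny"),         # ALL traffic
    ]

def evaluate(rules, port, source_ip):
    """Return (rule number, action) of the lowest-numbered rule matching a TCP packet."""
    addr = ipaddress.ip_address(source_ip)
    for number, first, last, cidr, action in sorted(rules):
        if first <= port <= last and addr in ipaddress.ip_network(cidr):
            return number, action
    return None, "deny"  # nothing matched: treated as denied

def reachable(rules, source_ip, ports=(22, 5450, 5433, 50000)):
    """Service ports from the table that the ACL allows from source_ip."""
    return [p for p in ports if evaluate(rules, p, source_ip)[1] == "allow"]

if __name__ == "__main__":
    inside, outside = "203.0.113.10", "198.51.100.7"  # constructed addresses
    print("table as written, inside source: ", reachable(table_rules(), inside))
    print("table as written, outside source:", reachable(table_rules(), outside))
    # Same table, but the ephemeral rule's source widened to 0.0.0.0/0.
    print("ephemeral rule open, outside source:",
          reachable(table_rules("0.0.0.0/0"), outside))
```

When auditing an ACL built from this table, check the source on the ephemeral rule with the same care as the sources on the 5450, 5433 and 50000 rules.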
Outbound Rules
Type | Protocol | Port Range | Use | Source | Allow/Deny |
---|---|---|---|---|---|
Custom TCP Rule | TCP (6) | 0-65535 | Ephemeral Ports | 0.0.0.0/0 | Allow |
You can use the entire port range specified in the table above, or find your specific ephemeral ports by entering the following command:
More Information
For detailed information on network ACLs within AWS, refer to Amazon's documentation.
For detailed information on ephemeral ports within AWS, refer to Amazon's documentation.