5.08 - Security Groups for Teradata Database - Teradata Software for AWS

Teradata® Software for AWS Quick Deployment Guide

Teradata Software for AWS
November 2018

Port 1025 is blocked in the local instance until the DBC password is changed. When you launch a Teradata ecosystem, do not delete or modify the self-reference rule for internal security group communication.

By default, NTP uses the Amazon Time Sync Service on a local IP. If you must use different NTP servers, make sure the VPC ACL setting is not blocking UDP port 123 for outbound traffic.

When launching a Teradata Database instance using CloudFormation, access is restricted to IP addresses in the CIDR block specified in the Remote Access From parameter. If you have other Teradata software instances residing outside the IP range, you can edit the security group after launching to add the necessary IP addresses. The following Teradata software instances may need access to the Teradata Database instance:
  • Teradata Data Mover
  • Teradata Data Stream Controller
  • Teradata Ecosystem Manager
  • Teradata Query Service
  • Teradata Server Management
  • Teradata Viewpoint
Software Direction Protocol Port Range Description
Teradata Database Inbound
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 64432
  • SSH
  • Teradata Database Service to AWS
  • If using mainframe connectivity
Teradata Database Outbound
  • TCP
  • 123
  • NTP, required when not using Amazon Time Sync Service