Security Groups for Teradata Database
When configuring a security group for the Teradata Database, set up the port ranges listed below for each Teradata Database instance so the Teradata Database can be locked down to the local host. Port 1025 is blocked in the local instance until the DBC password is changed. If you are deploying a Teradata ecosystem, do not delete or modify the self-reference rule that is created for internal security group communication.
For BYOL, port 443 must be open to connect to the Teradata EMS server to successfully deploy Teradata Database on AWS. For general licensing information, see Teradata Entitlement Management System (EMS) Customer User Guide.
By default, NTP uses the Amazon Time Sync Service on a local IP. If you must use different NTP servers, make sure the VPC ACL setting is not blocking UDP port 123 for outbound traffic.
- Teradata Data Mover
- Teradata Data Stream Controller
- Teradata Ecosystem Manager
- Teradata REST
- Teradata Server Management
- Teradata Viewpoint
If you are not deploying a Teradata Database MPP instance as described in Chapters 3 and 4, you must add inbound TCP 22 and UDP 1001-1002 ports.