Troubleshooting Firehose endpoint reachability - Amazon Data Firehose
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Firehose supports database as a source in all Amazon Web Services Regions except China Regions, Amazon GovCloud (US) Regions, and Asia Pacific (Malaysia). This feature is in preview and is subject to change. Do not use it for your production workloads.

Troubleshooting Firehose endpoint reachability

If the Firehose API encounters a timeout, perform the following steps to test endpoint reachability:

  • Check if API requests are made from a host in a VPC. All traffic from a VPC requires setting up a Firehose VPC endpoint. For more information, see Using Firehose with Amazon PrivateLink.

  • If traffic is coming from a public network or VPC with the Firehose VPC endpoint set up in a particular subnet, run the following commands from the host to check network connectivity. The Firehose endpoint can be found at Firehose endpoints and quotas.

    • Use tools like traceroute or tcping to check if the network setup is correct. If that fails, check your network setting:

      For example:

      traceroute firehose.us-east-2.amazonaws.com

      or

      tcping firehose.us-east-2.amazonaws.com 443
    • If it appears the network setting is correct and the following command fails, check whether the Amazon CA (Certficate Authority) is in the trust chain.

      For example:

      curl firehose.us-east-2.amazonaws.com

    If the above commands succeed, try the API again to see if there is a response returned from the API.