Best approach for CodeBuild job in Account A that applies migrations to private DB cluster in Account B?

Hi,

I am a little confused on what's required for this setup to work.

I have two accounts: a Tooling account (Account A) and a Dev account (Account B). Account B has a DB cluster (in a private isolated subnet), and I have configured its security group to allow access from the IP address associated with the target region of CODEBUILD - https://ip-ranges.amazonaws.com/ip-ranges.json. This of course is not sufficient alone, since the DB cluster is in a VPC and, not just that, in a different account as well.

Error: connect EHOSTUNREACH <addressIp>3306
    at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1187:16) {
  errno: -113,
  code: 'EHOSTUNREACH',
  syscall: 'connect',
  address: <addressIp>
  port: 3306,
  fatal: true
}

Could you please point me to the steps I'd have to take in order to be able to connect to it from CodeBuild? I cannot seem to find any relevant documentation on what I am trying to achieve, besides just the VPC support section on AWS - https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html. I do have a bastion host so the team can connect to it locally. Do I have to set up another VPC in the Tooling account and do VPC peering between the VPCs in Account A and Account B?

I am using CDK to deploy infrastructure and for the pipelines as well.

Any suggestions are greatly appreciated.

1 Answer

Using IAM Roles to manage the cross account access should sort out these issues. AWS has some documentation here that provides a rough example that you may be able to use as reference.

answered 2 years ago