Hello.
To connect to RDS using public access, you must also check whether the subnets in the subnet group that RDS is using are configured with public subnets.
That is, the subnet's route table must have a route to the Internet gateway.
The points to check are listed in the document below.
https://repost.aws/knowledge-center/rds-connectivity-instance-subnet-vpc
Setting up RDS with public access is not recommended for security reasons, so please consider connecting via port forwarding using Systems Manager's Session Manager using the configuration described in the AWS blog below.
https://aws.amazon.com/jp/blogs/mt/use-port-forwarding-in-aws-systems-manager-session-manager-to-connect-to-remote-hosts/
As correctly recommended in the previous answer, opening your RDS instance to the internet (0.0.0.0/0) is generally not recommended for security reasons. It's better to restrict access to trusted IP addresses or use a secure connection method like a bastion host. Having said that:
- Check the RDS logs for any connection errors or clues that might help you identify the issue.
- Make sure that the RDS security group has an inbound rule that allows incoming traffic on port 5432 from your local machine's IP address or a range of IP addresses that includes your local machine's IP address.
- Verify that the Network ACL (NACL) associated with your RDS instance's subnet allows inbound traffic on port 5432 from your local machine's IP address or a range of IP addresses that includes your local machine's IP address.
- Make sure that your local machine's firewall is not blocking outgoing connections on port 5432. If you can connect to the RDS instance from an EC2 instance within the same VPC but not from your local machine, it could be an issue with your local machine's network or firewall settings.
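The route-table and security-group checks from the answers above, as an added example that is not part of either answer: it evaluates data shaped like the output of the EC2 `DescribeRouteTables` and `DescribeSecurityGroups` calls and reports whether a subnet routes to an internet gateway, whether a client IP is allowed on port 5432, and whether the rule is open to 0.0.0.0/0. All IDs and addresses are constructed, the function names are hypothetical, and NACLs and the VPC main route table are not modelled.

```python
import ipaddress

# Constructed sample data in the shape returned by EC2 DescribeRouteTables and
# DescribeSecurityGroups; every ID and address below is made up.
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-aaa"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123", "State": "active"}]},
    {"Associations": [{"SubnetId": "subnet-bbb"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0456", "State": "active"}]},
]
SECURITY_GROUP = {"IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]}

def subnet_is_public(subnet_id, route_tables):
    """True if the subnet's route table has an active default route to an internet gateway."""
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt.get("Associations", [])):
            return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
                       and r.get("GatewayId", "").startswith("igw-")
                       and r.get("State") == "active"
                       for r in rt.get("Routes", []))
    return False  # no explicit association found (main route table not modelled)

def sg_sources_for_port(sg, port):
    """IPv4 CIDRs that the security group admits on the given TCP port."""
    cidrs = []
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        # "-1" means all protocols and ports; such rules carry no FromPort/ToPort.
        if proto == "-1" or (proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]):
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
    return cidrs

def check_access(sg, client_ip, port=5432):
    """Is client_ip admitted on the port, and is the port open to the whole internet?"""
    nets = [ipaddress.ip_network(c) for c in sg_sources_for_port(sg, port)]
    return {"client_allowed": any(ipaddress.ip_address(client_ip) in n for n in nets),
            "open_to_internet": any(n.prefixlen == 0 for n in nets)}

if __name__ == "__main__":
    for s in ("subnet-aaa", "subnet-bbb"):
        print(s, "public" if subnet_is_public(s, ROUTE_TABLES) else "not public")
    print(check_access(SECURITY_GROUP, "203.0.113.25"))
```

A subnet whose default route points at a NAT gateway, like `subnet-bbb` here, is reported as not public, which is the case where a "publicly accessible" RDS instance still cannot be reached from outside the VPC.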
Thank you for the guidance on best practices. Was able to connect via port forwarding with Systems Manager's Session Manager according to the link you shared. Thanks!