1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
Hello.
What are the inbound rules of the RDS security group?
For example, does the security group allow connections from the VPN client endpoint's security group?
Also, when you resolve the name of an RDS endpoint using the "dig" command, will an IP address be returned from the VPC CIDR range?
If public access is enabled on RDS, a public IP address will be returned, so even if communication is via VPN, it may not be possible to connect depending on the AWS configuration.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 10 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 3 ans
Also, if RDS is in multiple VPCs, you will need to set up something like a Transit Gateway to be able to communicate with multiple VPCs. I think the following AWS blog will be helpful for AWS VPC configuration. https://aws.amazon.com/jp/blogs/networking-and-content-delivery/using-aws-client-vpn-to-scale-your-work-from-home-capacity/
Thank you for your answer.
Client VPN endpoint -> Security Group Associated with: A, Inbound Rule Source, Type, Protocol: default VPC sg, All, All RDS Instance -> Security Group Associated with: B, Inbound Rule Source, Type, Protocol: A, All, All
;; ANSWER SECTION: xxxxxx.abcdefghijk.us-west-1.rds.amazonaws.com. 5 IN A 10.0.X.XX