- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
If the subnet the instance is launched in is private, it will be unreachable from the Internet even if you enable "publicly accessible" for the instance. You need to launch in a public subnet in order for the instance to be assigned a public IP. If you have both types of subnet in your subnet group, and RDS picks a public one for an instance, it will work. If you remove the private subnets from the group it will only ever launch in the public ones.
However, I'd strongly recommend against public-facing RDS instances open to 0/0 in the security group. If you must have it publicly accessible, I'd advise scoping that rule down to your current external IP (you can visit https://checkip.amazonaws.com/ to find out what it is).
You could remove the requirement for the instance to have a public IP at all (for you to be able to connect to it) with Systems Manager Session Manager's port forwarding feature.
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa