Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Can I access RDS and elasticache redis through AWS fargate task role?

0

I tried to access the aws service rds and elasticache redis through fargate's task role.

I connected the full access of the service to the task role, but it was not connected, so I allowed the subnet with the security group setting, and the connection was possible.

Is it possible to access only after setting the original role and security group?

Or did I not set the role properly?

Argomenti
DatabaseMigrazione e modernizzazioneAnalisiServerlessContainerSicurezza, identità e conformità
Tag
Amazon ElastiCache per RedisAmazon Relational Database ServiceAWS FargatePolitiche IAM
Lingua
English
joker
posta un anno fa611 visualizzazioni
1 Risposta
0

Hi AWS-User-3005727,

If I understood your question correctly, it's if you can enable access to RDS from a Fargate task without modifying the RDS Security Group?

Supposing that's your quesiton, the answer would be NO, since RDS is always protected by a Security Group, there is no way any Fargate task role, by itself, can bypass that security group.

Enter image description here

What you could do (but I wouldn't recommend it from a Security Standpoint) is in the RDS Security group add a rule to Allow all Inbound from your Private Subnet's CIDR, that way by default any instance that lives in the subnet will be able to access the database.

I hope this answers your question, if it does please mark it as accepted answer, otherwise please create a new question with a more detailed question (hopefully with a diagram) to see how to best help you.

May you have happy holidays!

AWS
Pablo Guzman
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente