1 Answer
1
Hello.
What are the inbound rules of the RDS security group?
For example, does the security group allow connections from the VPN client endpoint's security group?
Also, when you resolve the name of an RDS endpoint using the "dig" command, will an IP address be returned from the VPC CIDR range?
If public access is enabled on RDS, a public IP address will be returned, so even if communication is via VPN, it may not be possible to connect depending on the AWS configuration.
Also, if RDS is in multiple VPCs, you will need to set up something like a Transit Gateway to be able to communicate with multiple VPCs. I think the following AWS blog will be helpful for AWS VPC configuration. https://aws.amazon.com/jp/blogs/networking-and-content-delivery/using-aws-client-vpn-to-scale-your-work-from-home-capacity/
Thank you for your answer.
Client VPN endpoint -> Security Group Associated with: A, Inbound Rule Source, Type, Protocol: default VPC sg, All, All
RDS Instance -> Security Group Associated with: B, Inbound Rule Source, Type, Protocol: A, All, All
;; ANSWER SECTION:
xxxxxx.abcdefghijk.us-west-1.rds.amazonaws.com. 5 IN A 10.0.X.XX
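The two checks the answer asks for (does the RDS endpoint resolve inside the VPC CIDR, and does the RDS security group admit the Client VPN endpoint's security group) can be run offline against saved output. This is an added example, not part of the thread; the VPC CIDR `10.0.0.0/16`, the group IDs, the hostname, the addresses and port 3306 are constructed assumptions, and the rule data follows the `IpPermissions` shape returned by `aws ec2 describe-security-groups`.

```python
import ipaddress
import re

# One A record from dig's ANSWER SECTION: name, TTL, IN, A, address
A_RECORD = re.compile(r"^\S+\s+\d+\s+IN\s+A\s+(\d{1,3}(?:\.\d{1,3}){3})$")

def a_records(dig_output):
    """Return the IPv4 addresses of every A record in saved dig output."""
    return [ipaddress.ip_address(m.group(1))
            for line in dig_output.splitlines()
            if (m := A_RECORD.match(line.strip()))]

def outside_vpc(dig_output, vpc_cidr):
    """Resolved addresses that are NOT in the VPC CIDR (e.g. a public RDS IP)."""
    net = ipaddress.ip_network(vpc_cidr)
    return [str(ip) for ip in a_records(dig_output) if ip not in net]

def sg_allows(permissions, source_sg, port):
    """True if an inbound rule admits source_sg on the given TCP port.
    Only security-group sources are checked, not CIDR sources."""
    for rule in permissions:
        proto = rule.get("IpProtocol")
        if proto == "-1":                      # "All traffic" rule
            port_ok = True
        elif proto == "tcp":
            port_ok = rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)
        else:
            port_ok = False
        groups = [g.get("GroupId") for g in rule.get("UserIdGroupPairs", [])]
        if port_ok and source_sg in groups:
            return True
    return False

# Constructed sample data (not taken from the thread)
DIG_PRIVATE = ";; ANSWER SECTION:\ndb.example.us-west-1.rds.amazonaws.com. 5 IN A 10.0.1.25\n"
DIG_PUBLIC = ";; ANSWER SECTION:\ndb.example.us-west-1.rds.amazonaws.com. 5 IN A 203.0.113.10\n"
SG_A = "sg-0aaaaaaaaaaaaaaaa"   # hypothetical ID for group A (Client VPN endpoint)
SG_B_RULES = [{"IpProtocol": "-1", "UserIdGroupPairs": [{"GroupId": SG_A}]}]
SG_TCP_ONLY = [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
                "UserIdGroupPairs": [{"GroupId": SG_A}]}]

if __name__ == "__main__":
    vpc = "10.0.0.0/16"   # assumed VPC CIDR
    print("private endpoint, outside VPC:", outside_vpc(DIG_PRIVATE, vpc))
    print("public endpoint, outside VPC: ", outside_vpc(DIG_PUBLIC, vpc))
    print("B admits A on 3306:", sg_allows(SG_B_RULES, SG_A, 3306))
    print("tcp/5432-only rule admits A on 3306:", sg_allows(SG_TCP_ONLY, SG_A, 3306))
```

An empty list from `outside_vpc` together with `True` from `sg_allows` matches the configuration posted in the reply above, which points the investigation at routing and Client VPN authorization rules rather than DNS or the security groups.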