DB Instances are not publicly accessible although created in public subnets

0

In the CLI doc for creating db instance and creating db cluster, it is mentioned that if publicly accessible flag is not specified explicitly, then the behavior is dependent on DBSubnetGroupName being specified or not. In my case, I specified the DBSubnetGroup which consists of public subnets and yet, the db instances created were not publicly accessible.

2 Answers
1

You also need to specify the publicly-accessible attribute when creating or modifying the instance.

--publicly-accessible
AWS
Moderator
philaws
Answered 1 year ago
0

Here is a link to a troubleshooting document for public RDS accessibility: https://aws.amazon.com/premiumsupport/knowledge-center/rds-connectivity-instance-subnet-vpc/

Hope this helps.

AWS
Answered 1 year ago
  • Thanks @tedtrent. From the doc, it appears we do need to modify the publicly accessible property. Does this mean that the default behavior depending on DBSubnetGroupName is not supported/valid anymore?

  • As @philaws mentioned in his answer you may need to add --publicly-accessible when building the RDS instance. This is a security feature on RDS that by default prevents a DNS name resolving to a public IP address, which could expose it to malicious attacks on the Internet. This is a different behavior than with normal EC2 instances. Modifying the database instance's "Public accessibility" parameter in addition to the VPC security group helps restrict unauthorized access. Use caution with unrestricted access over the public internet.
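
The thread describes two separate controls, the instance's `PubliclyAccessible` setting and its VPC security group. The following is an added example, not part of the original thread, that audits both together from saved `aws rds describe-db-instances` and `aws ec2 describe-security-groups` JSON output. The instance names, security group IDs and CIDR ranges are constructed sample data.

```python
import json

# Constructed sample shaped like `aws rds describe-db-instances` output (trimmed).
DBS = json.loads("""{"DBInstances": [
 {"DBInstanceIdentifier": "db-a", "PubliclyAccessible": true, "Endpoint": {"Port": 3306},
  "DBSubnetGroup": {"DBSubnetGroupName": "public-subnets"},
  "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]},
 {"DBInstanceIdentifier": "db-b", "PubliclyAccessible": true, "Endpoint": {"Port": 3306},
  "DBSubnetGroup": {"DBSubnetGroupName": "public-subnets"},
  "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-office"}]},
 {"DBInstanceIdentifier": "db-c", "PubliclyAccessible": false, "Endpoint": {"Port": 3306},
  "DBSubnetGroup": {"DBSubnetGroupName": "public-subnets"},
  "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]}]}""")

# Constructed sample shaped like `aws ec2 describe-security-groups` output (trimmed).
SGS = json.loads("""{"SecurityGroups": [
 {"GroupId": "sg-open", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306,
   "ToPort": 3306, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
 {"GroupId": "sg-office", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306,
   "ToPort": 3306, "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]}]}""")

def open_to_world(group, port):
    """True if any ingress rule admits every IPv4 or IPv6 address on `port`."""
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        covers = proto == "-1" or (  # "-1" means all protocols and ports
            proto == "tcp" and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))
        cidrs = {r.get("CidrIp") for r in perm.get("IpRanges", [])}
        cidrs |= {r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])}
        if covers and cidrs & {"0.0.0.0/0", "::/0"}:
            return True
    return False

def audit(dbs, sgs):
    """Map each instance id to EXPOSED, PUBLIC_RESTRICTED or PRIVATE."""
    groups = {g["GroupId"]: g for g in sgs["SecurityGroups"]}
    result = {}
    for db in dbs["DBInstances"]:
        port = db.get("Endpoint", {}).get("Port")  # absent while an instance is creating
        attached = [groups[s["VpcSecurityGroupId"]] for s in db.get("VpcSecurityGroups", [])
                    if s["VpcSecurityGroupId"] in groups]
        world = port is not None and any(open_to_world(g, port) for g in attached)
        if not db.get("PubliclyAccessible"):
            result[db["DBInstanceIdentifier"]] = "PRIVATE"  # public subnets alone do not expose it
        else:
            result[db["DBInstanceIdentifier"]] = "EXPOSED" if world else "PUBLIC_RESTRICTED"
    return result

if __name__ == "__main__":
    for name, status in audit(DBS, SGS).items():
        print(f"{name}: {status}")
```

`db-c` mirrors the question: it sits in a subnet group of public subnets with a wide-open security group, yet it is reported as private because `PubliclyAccessible` is false.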
