1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
Hello.
What are the inbound rules of the RDS security group?
For example, does the security group allow connections from the VPN client endpoint's security group?
Also, when you resolve the name of an RDS endpoint using the "dig" command, will an IP address be returned from the VPC CIDR range?
If public access is enabled on RDS, a public IP address will be returned, so even if communication is via VPN, it may not be possible to connect depending on the AWS configuration.
관련 콘텐츠
- AWS 공식업데이트됨 9달 전
- AWS 공식업데이트됨 7달 전
- AWS 공식업데이트됨 2년 전
Also, if RDS is in multiple VPCs, you will need to set up something like a Transit Gateway to be able to communicate with multiple VPCs. I think the following AWS blog will be helpful for AWS VPC configuration. https://aws.amazon.com/jp/blogs/networking-and-content-delivery/using-aws-client-vpn-to-scale-your-work-from-home-capacity/
Thank you for your answer.
Client VPN endpoint -> Security Group Associated with: A, Inbound Rule Source, Type, Protocol: default VPC sg, All, All RDS Instance -> Security Group Associated with: B, Inbound Rule Source, Type, Protocol: A, All, All
;; ANSWER SECTION: xxxxxx.abcdefghijk.us-west-1.rds.amazonaws.com. 5 IN A 10.0.X.XX