Hi,
I have a PostgreSQL RDS instance (subscriber) that lives in the same AZ and VPC as an EC2 machine with PostgreSQL (publisher). I established logical replication subscription against the publisher about a month ago using a CNAME DNS that points to the EC2 DNS name. The publisher is restricted to only allow access from private IP in the VPC and this worked up to three days ago where it suddenly stopped. I find no events that indicate what happened but the cause is clear - the DNS name is suddenly resolving to the public IP at the RDS instance and is denied access by the publisher.
I fail to understand how this can happen and also seems against documentation. That is, I expect the DNS lookup to reliably resolve to the private IP.
Any ideas what can explain this behaviour and/or if my expectations are wrong or right?
Did you find a workaround or did it start working again? Seeing a somewhat similar behavior, just with RDS -> RDS. When the subscriber RDS instance looks up the DNS for publisher RDS instance it resolves to the public IP, though if I look up the publisher DNS from an EC2 instance it resolves to the private IP. They are all in the same AZ and VPC.