AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Can't connect to RDS database from remote

0

Hello Community,

I'm not able to connect my newly created publicly accessible rds Mysql database from my local computer.

My VPC Configurations:

  1. There is public and private subnet
  2. In public route table public subnets are associated and there is 0.0.0.0/0 route through internet gateway
  3. In private route table private subnets are associated and there is 0.0.0.0/0 route through NAT gateway

RDS Configurations:

  1. Above VPC is selected during DB creation
  2. Created Subnet Group (I can see that all public and private subnets in subnet group)
  3. Selected RDS in publicly accessible mode
  4. Allowed 0.0.0.0/0 in rds security group

Now when RDS database is created I can see that it is getting IP from my private subnet although I selected RDS to be used publicly accessible. I have other databases which was created previously with same configuration and vpc. They are getting IP from public subnet. They are accessible from remote location without VPN connectivity. Please help how can I overcome this issue?

Thank you!

주제
마이그레이션 및 현대화분석데이터베이스
태그
아마존 Relational Database Service데이터베이스
언어
English
Jayed
질문됨 2년 전1076회 조회
1개 답변
1

If the subnet the instance is launched in is private, it will be unreachable from the Internet even if you enable "publicly accessible" for the instance. You need to launch in a public subnet in order for the instance to be assigned a public IP. If you have both types of subnet in your subnet group, and RDS picks a public one for an instance, it will work. If you remove the private subnets from the group it will only ever launch in the public ones.

However, I'd strongly recommend against public-facing RDS instances open to 0/0 in the security group. If you must have it publicly accessible, I'd advise scoping that rule down to your current external IP (you can visit https://checkip.amazonaws.com/ to find out what it is).

You could remove the requirement for the instance to have a public IP at all (for you to be able to connect to it) with Systems Manager Session Manager's port forwarding feature.

profile pictureAWS
전문가
James_S
답변함 2년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠