Connect to RDS using SSM
I have an EC2 instance with a systems manager agent installed and access to RDS instance. Both the EC2 and RDS are in a private subnet; how can I connect to RDS by creating a ssm session with the ec2 instance?
- 최신
- 최다 투표
- 가장 많은 댓글
If you want to, for example connect to RDS in private subnet to make an SQL connection without inbound network level access to the VPC you could use Systems Manager Session Manager to connect to your EC2 and tunnel the appropriate port over SSH. You can find an example for RDS MySQL here:
https://aws.amazon.com/premiumsupport/knowledge-center/systems-manager-ssh-vpc-resources/
Keep in mind that Session Manager access from outside the VPC would require outbound port 443 connection to Systems Manager infrastructure. The example from that link is:
ssh -i /path/key-pair_instance1.pem username_of_instance1@i-0123456789abcdefa -L 9090:ec2-198-51-100-1.compute-1.amazonaws.com:3306
to set up the port tunneling via ssh followed by:
mysql -u user -h 127.0.0.1:9090 -p password
to connect to RDS.
Thank you very much. I'm aware of that. My question concerned the type of Private subnet in which I can place the Bastion for the Session Manager (and the Bastion as a whole) to function correctly: Private vs. Private ISOLATED.