DB Instances are not publicly accessible although created in public subnets

In the CLI doc for creating db instance and creating db cluster , it is mentioned that if publicly accessible flag is not specified explicitly, then the behavior is dependent on DBSubnetGroupName being specified or not. In my case, I specified the DBSubnetGroup which consists of public subnets and yet, the db instances created were not publicly accessible.

주제

데이터베이스 마이그레이션 및 현대화 분석

태그

PostgreSQL 아마존 Relational Database Service 오로라 PostgreSQL 데이터베이스 아마존 Aurora

언어

English

Amogh

질문됨 일 년 전255회 조회

2개 답변

최신
최다 투표
가장 많은 댓글

You also need to specify the publicly-accessible attribute when creating or modifying the instance.

--publicly-accessible

중재자

philaws

답변함 일 년 전

Here is a link to a troubleshooting Document for public RDS accessibility. . . https://aws.amazon.com/premiumsupport/knowledge-center/rds-connectivity-instance-subnet-vpc/

Hope this helps.

tedtrent

답변함 일 년 전

Amogh
일 년 전
Thanks @tedtrent. From the doc, it appears we do need to modify the publicly accessible property. Does this mean that the default behavior depending on DBSubnetGroupName is not supported/valid anymore?
tedtrent
일 년 전
As @philaws mentioned in his answer you may need to add --publicly-accessible when building the RDS instance. This is a security feature on RDS that by default prevents a DNS name resolving to a public IP address, which could expose it to malicious attacks on the Internet. This is a different behavior than with normal EC2 instances. Modifying the database instance's "Public accessibility" parameter in addition to the VPC security group helps restrict unauthorized access. Use caution with unrestricted access over the public internet.

DB Instances are not publicly accessible although created in public subnets

관련 콘텐츠