I set up a peer connection from us-east to eu-west, using the following method:
us-east: Created an RDS (made public-facing) and an EC2 on the same VPC [1]
us-west: Created an EC2 on VPC [2]
Created a peer-connection for VPC [1] to VPC [2] (us-east to eu-west)
Set up the peer connection to resolve DNS hosts (on both ends)
Updated routing tables on both sides to accept the CIDR ranges from the corresponding VPCs
Updated the security groups on both sides to allow inbound and outbound connections from the CIDR ranges
I am able to successfully connect to the EC2 instance in us-east from the EC2 in eu-west by pinging its private IP, suggesting the VPC peering tunnel is set up correctly.
When I try to connect to the RDS MySQL instance in us-east from the EC2 in eu-west, it is unresolved.
I am using netcat to test, using the following command:
nc -zv databasex.xxxxxx.us-east-2.rds.amazonaws.com 3306
The security group attached to the RDS has a rule to allow connections on port 3306 from the CIDR range associated with the VPC in eu-west, just like I have on the EC2 security group. I have reviewed a number of articles, help posts, and other things and it appears I have everything set up correctly, so I am at a loss why I am not able to connect to the RDS from this peer connection.
Of course when I add a record to the RDS security group to allow connections from the public IP of the eu-west EC2 then it connects but I want to take advantage of the peering tunnel and not use traffic over an internet gateway. Please let me know if there are certain things I should be looking for that I may be obviously missing. Thank you.
Ah... At this time I can't make it private as I have an external application that is not hosted on AWS that queries from the RDS. I could look at migrating this application to AWS though that is going to be a fairly large lift. Maybe I can just spin up a new RDS within the same VPC and set it up private and at least test if it indeed works with the peer connection in that configuration.
After reading the post you linked, I found out I had DNS resolution turned off on one side of the peer connection. I enabled that and now it fully resolves and I am able to connect to the RDS in us-east from the EC2 in eu-west. Thanks!
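An added example (not from the poster or from AWS) that checks the two things this thread turned on: whether both sides of a peering connection have AllowDnsResolutionFromRemoteVpc enabled, using the field layout of `aws ec2 describe-vpc-peering-connections` output, and whether a database hostname resolved from the peer VPC to a private address inside the remote CIDR or to a public address that would leave via an internet gateway. The peering IDs, VPC IDs, CIDRs and regions below are constructed placeholders, and the sample is embedded so the script runs offline.

```python
import ipaddress
from typing import Optional

# Constructed sample in the shape of `aws ec2 describe-vpc-peering-connections`
# output; IDs and CIDR blocks are placeholders, not real resources.
SAMPLE_PEERING = {
    "VpcPeeringConnections": [{
        "VpcPeeringConnectionId": "pcx-0123456789abcdef0",
        "RequesterVpcInfo": {
            "VpcId": "vpc-1111", "Region": "us-east-2", "CidrBlock": "10.0.0.0/16",
            "PeeringOptions": {"AllowDnsResolutionFromRemoteVpc": True},
        },
        "AccepterVpcInfo": {
            "VpcId": "vpc-2222", "Region": "eu-west-1", "CidrBlock": "10.1.0.0/16",
            "PeeringOptions": {"AllowDnsResolutionFromRemoteVpc": False},
        },
    }]
}


def dns_resolution_gaps(describe_output: dict) -> list:
    """List every peering side that still has AllowDnsResolutionFromRemoteVpc
    disabled. Both requester and accepter must be enabled before a host in the
    peer VPC resolves the RDS endpoint to its private address."""
    gaps = []
    for pcx in describe_output["VpcPeeringConnections"]:
        for side in ("RequesterVpcInfo", "AccepterVpcInfo"):
            info = pcx[side]
            opts = info.get("PeeringOptions", {})
            if not opts.get("AllowDnsResolutionFromRemoteVpc", False):
                gaps.append(f"{pcx['VpcPeeringConnectionId']} {side} "
                            f"({info['VpcId']} in {info['Region']})")
    return gaps


def classify_resolution(resolved_ip: Optional[str], remote_cidr: str) -> str:
    """Classify what the DB hostname resolved to from the peer VPC: no answer,
    a private address inside the remote VPC (traffic stays on the peering), or
    anything else (traffic would go out through an internet gateway)."""
    if not resolved_ip:
        return "unresolved"
    if ipaddress.ip_address(resolved_ip) in ipaddress.ip_network(remote_cidr):
        return "private-via-peering"
    return "public-via-igw"


if __name__ == "__main__":
    for gap in dns_resolution_gaps(SAMPLE_PEERING):
        print("DNS resolution from remote VPC disabled on:", gap)
    print(classify_resolution("10.0.5.20", "10.0.0.0/16"))
```

A side reported as disabled is switched on with `aws ec2 modify-vpc-peering-connection-options`, run against that side's own peering options.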