By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS RDS MySQL is in private subnet, how to accessible RDS from my local machine

0

I am having EC2 instances (Windows Server)in private subnet and its under NAT gateway and AWS RDS MySQL is public accessible. EC2 and RDS are in same VPC with same region.

I need to avoid AWS RDS on public accessible so created RDS using private subnet. If i created, I must able to connect with RDS on necessary time.

So, I have tried to do site to site VPN for this but my tunnelling is always down.

Please provide solution for my scenario and apart from that site to site VPN, if we have best solution for our scenario, you could suggest us.

Topics
Networking & Content DeliveryComputeDatabase
Tags
Amazon VPCAmazon EC2DatabaseMySQL
Language
English
Subha
asked a year ago266 views
3 Answers
0

Hello.

If the EC2 instance is registered as a Systems Manager managed instance, I think it is better to use SSM port forwarding as per the steps in the document below.
https://aws.amazon.com/jp/blogs/mt/use-port-forwarding-in-aws-systems-manager-session-manager-to-connect-to-remote-hosts/

profile picture
EXPERT
Riku_Kobayashi
answered a year ago
profile picture
EXPERT
Osvaldo Marte
reviewed a year ago
  • Subha
    a year ago

    Hello, I have tried the SSM port forwarding using shared link on my windows server EC2 instance.

    1. Followed prerequisite installed everything.
    2. Added AmazonSSMManagedInstanceCore, created vpc endpoint for below com.amazonaws.ap-southeast-1.ssm com.amazonaws.ap-southeast-1.ssmmessages com.amazonaws.ap-southeast-1.ec2 com.amazonaws.ap-southeast-1.ec2messages
    3. Tried to below command aws ssm start-session --target i-058 --document-name AWS-StartPortForwardingSessionToRemoteHost --parameters host="rds.amazonaws.com",portNumber="3306",localPortNumber="1204"

    Getting this error, An error occurred (TargetNotConnected) when calling the StartSession operation: i-0c0e3d09900512c58 is not connected 4. Then tried this command aws ssm start-session --target i-058, still getting same error.

    Kindly share your suggestion to resolve above error.

  • Subha
    a year ago

    Any suggestion @Riku Kobayashi, OsvaldoMarte?

  • Subha
    a year ago

    Hi Riku Kobayashi/Osvaldo Marte, Now i am facing different error. Eventhough had "AmazonSSMManagedInstanceCore" and VPC endpoints. Still connect button is not visible on EC2 instance. Any suggestion?

0

Another option is to use EC2 Connect Endpoint. https://www.doit.com/secured-access-to-private-rds-using-amazon-ec2-instance-connect-endpoint/

profile pictureAWS
EXPERT
AWS-User-alantam
answered a year ago
0

Thanks for sharing suggestion.

As suggested, tried EC2 Connect Endpoint but my EC2 instance is not connecting with RDS. That is, if i try to access my application which is hosted on EC2 instance windows server is not connecting with MySQL RDS.

Regarding Port forwarding suggestion, trying that, if any problem will update here.

Subha
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content