How to Successfully Connect AWS App Runner with a Privately Accessible RDS Instance?

0

I am trying to connect my AWS App Runner service to an Amazon RDS database that is privately accessible and located in the default VPC. Here is the configuration I've set up:

RDS Configuration:

The RDS instance is in the default VPC. It has associated subnets and security groups.

App Runner Configuration:

Incoming Traffic: Set to be publicly accessible.

Outgoing Traffic: Created a VPC connector and added it to the outgoing traffic configuration. Selected the same VPC, subnets, and security groups as those used by the RDS instance.

However, when I save these changes and deploy the App Runner service, the deployment fails and rolls back with the message: "Successfully rolled back update of my-service-name."

Question: Do I need to make changes in both incoming and outgoing traffic settings in App Runner, or just in the outgoing traffic, to successfully connect to the privately accessible RDS instance? What specific settings should I use for the VPC, subnets, and security groups in the VPC connector?

Additional Details:

The RDS security group allows inbound traffic from the App Runner service. The App Runner service needs to have network connectivity to the RDS instance to perform database operations.

Any help or suggestions on how to resolve this issue would be greatly appreciated. Thank you!

3 Answers
0
  • Yes, but not getting a satisfactory response.

0

Hello,

Please try this solution.

To connect your AWS App Runner service to a privately accessible Amazon RDS instance, please follow these steps.

Step 1: Create a VPC Connector in App Runner

Go to the App Runner Console:

  1. Open the AWS Management Console.
  2. Navigate to App Runner.

Create a VPC Connector:

  1. In the App Runner console, select VPC Connectors from the left-hand menu.
  2. Click Create VPC Connector.
  3. Name your VPC connector (Ex. your vpc connector).
  4. Select the VPC where your RDS instance is located (VPC in your case).
  5. Select the subnets that are associated with your RDS instance.
  6. Choose the security group that allows traffic to the RDS instance.

Step 2: Configure RDS Security Group

Go to the EC2 Console:

  1. Open the AWS Management Console.
  2. Navigate to EC2 and then Security Groups.

Update the RDS Security Group:

  1. Find and select the security group associated with your RDS instance.
  2. Click on Edit inbound rules.
  3. Add an inbound rule to allow traffic from the security group associated with the App Runner VPC connector:
     • Type: Custom TCP
     • Port Range: 3306 (or the port your RDS instance uses)
     • Source: Select the security group of the VPC connector.

Step 3: Deploy App Runner Service

Go to the App Runner Console:

  1. Open the AWS Management Console.
  2. Navigate to App Runner.

Create or Update App Runner Service:

  1. Create a new App Runner service or select an existing service to update.
  2. Configure your service settings as required.

Network Settings:

  1. In the Network section of the service configuration, set Outgoing traffic to use the VPC connector you created (Your vpc connector).

Deploy the Service:

Complete the setup and deploy the service.

https://docs.aws.amazon.com/apprunner/latest/dg/network-pl-manage.html

https://docs.aws.amazon.com/apprunner/latest/dg/network-vpc.html

EXPERT
answered 2 months ago
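
A check for Step 2 of the answer above, as an added example that is not part of the original answer or of any AWS tool: given security group data in the shape EC2 DescribeSecurityGroups returns, it reports whether the RDS group admits the VPC connector's group on the database port and flags world-open rules. The function and helper names are hypothetical and all group IDs are constructed sample values.

```python
# Added example. Input follows the shape of EC2 DescribeSecurityGroups output;
# every group ID below is a constructed sample value.

def connector_ingress(rds_sg, connector_sg_id, db_port=3306):
    """Return (allowed_by_sg_reference, warnings) for connector -> RDS traffic."""
    allowed, warnings = False, []
    for perm in rds_sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":                       # rule covers all protocols and ports
            covers = True
        elif proto == "tcp":
            covers = perm["FromPort"] <= db_port <= perm["ToPort"]
        else:
            covers = False
        if not covers:
            continue
        # Group-to-group reference: the rule Step 2 of the answer describes.
        if any(p.get("GroupId") == connector_sg_id
               for p in perm.get("UserIdGroupPairs", [])):
            allowed = True
        # CIDR matching is not evaluated; only world-open ranges are flagged.
        cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
        cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if cidr in ("0.0.0.0/0", "::/0"):
                warnings.append(f"port {db_port} reachable from {cidr}")
    return allowed, warnings

RDS_SG_ID = "sg-0aaaaaaaaaaaaaaaa"        # constructed
CONNECTOR_SG_ID = "sg-0bbbbbbbbbbbbbbbb"  # constructed

def rds_group(rules):
    return {"GroupId": RDS_SG_ID, "IpPermissions": rules}

def mysql_rule(groups=(), cidrs=()):
    return {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
            "UserIdGroupPairs": [{"GroupId": g} for g in groups],
            "IpRanges": [{"CidrIp": c} for c in cidrs]}

if __name__ == "__main__":
    cases = {
        "connector has its own group, referenced by the RDS group":
            (rds_group([mysql_rule(groups=[CONNECTOR_SG_ID])]), CONNECTOR_SG_ID),
        "connector reuses the RDS group, no self-referencing rule":
            (rds_group([mysql_rule(groups=[CONNECTOR_SG_ID])]), RDS_SG_ID),
        "RDS group opened to the internet instead":
            (rds_group([mysql_rule(cidrs=["0.0.0.0/0"])]), CONNECTOR_SG_ID),
    }
    for name, (sg, connector) in cases.items():
        print(name, "->", connector_ingress(sg, connector))
```

The second case mirrors the setup in the question, where the connector was given the same security group as the RDS instance: a group reference admits that traffic only if the group has an inbound rule naming itself.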
0

Still I am not able to connect to it. What can be the issue here?

jk
answered a month ago
