2 Answers
- Newest
- Most votes
- Most comments
1
You also need to specify the publicly-accessible attribute when creating or modifying the instance.
--publicly-accessible
0
Here is a link to a troubleshooting Document for public RDS accessibility. . . https://aws.amazon.com/premiumsupport/knowledge-center/rds-connectivity-instance-subnet-vpc/
Hope this helps.
answered a year ago
Relevant content
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated a year ago
Thanks @tedtrent. From the doc, it appears we do need to modify the publicly accessible property. Does this mean that the default behavior depending on DBSubnetGroupName is not supported/valid anymore?
As @philaws mentioned in his answer you may need to add --publicly-accessible when building the RDS instance. This is a security feature on RDS that by default prevents a DNS name resolving to a public IP address, which could expose it to malicious attacks on the Internet. This is a different behavior than with normal EC2 instances. Modifying the database instance's "Public accessibility" parameter in addition to the VPC security group helps restrict unauthorized access. Use caution with unrestricted access over the public internet.