DB Instances are not publicly accessible although created in public subnets

In the CLI doc for creating db instance and creating db cluster , it is mentioned that if publicly accessible flag is not specified explicitly, then the behavior is dependent on DBSubnetGroupName being specified or not. In my case, I specified the DBSubnetGroup which consists of public subnets and yet, the db instances created were not publicly accessible.

Topics

Database Migration & Modernization Analytics

Tags

PostgreSQL Amazon Relational Database Service Aurora PostgreSQL Database Amazon Aurora

Language

English

Amogh

asked a year ago251 views

2 Answers

Newest
Most votes
Most comments

You also need to specify the publicly-accessible attribute when creating or modifying the instance.

--publicly-accessible

MODERATOR

philaws

answered a year ago

Here is a link to a troubleshooting Document for public RDS accessibility. . . https://aws.amazon.com/premiumsupport/knowledge-center/rds-connectivity-instance-subnet-vpc/

Hope this helps.

tedtrent

answered a year ago

Amogh
a year ago
Thanks @tedtrent. From the doc, it appears we do need to modify the publicly accessible property. Does this mean that the default behavior depending on DBSubnetGroupName is not supported/valid anymore?
tedtrent
a year ago
As @philaws mentioned in his answer you may need to add --publicly-accessible when building the RDS instance. This is a security feature on RDS that by default prevents a DNS name resolving to a public IP address, which could expose it to malicious attacks on the Internet. This is a different behavior than with normal EC2 instances. Modifying the database instance's "Public accessibility" parameter in addition to the VPC security group helps restrict unauthorized access. Use caution with unrestricted access over the public internet.

Relevant content

Is it possible to create RDS replica in public subnet while master db is in private?
y0zg
asked 2 years ago
how to create/access db in aws following best practices ?
clouduser
asked a day ago
EC2 in public subnet reachable by public IP but not by public DNS
rePost-User-0207280
asked a year ago
AWS CLI RDS create-db-instance - Unknown options: groups, Subnet
Accepted Answer
rePost-User-5712443
asked a year ago
How do I configure a provisioned Amazon Aurora DB cluster to be publicly accessible?
AWS OFFICIALUpdated 2 years ago
How do I turn off public access for an AWS DMS replication DB instance?
AWS OFFICIALUpdated 6 months ago
How can I move an Amazon RDS DB instance from a public subnet to a private subnet within the same VPC?
AWS OFFICIALUpdated 6 months ago
How can I troubleshoot connectivity to an Amazon RDS DB instance that uses a public or private subnet of a VPC?
AWS OFFICIALUpdated a year ago
VPC IP Address Manager's 'Public IP Insights': A free and simple feature for customers to get insights on their public IPv4 usage
EXPERT
Nawaz
published 5 months ago
Connect to your Amazon Aurora MySQL DB cluster
EXPERT
Gayathri Krishnamoorthy
published 9 months ago