1 回答
- 最新
- 投票最多
- 评论最多
0
The blog post you are following assumes your rds is accessible from the internet A better practise is to configure your codebuild project to use your VPC - See here.
Basically a network interface for your codebuild job will be provisioned in your vpc and all communication will occur within your vpc (not over internet). The security group assigned to your codebuild project should allow outbound access to rds security group and the security group assigned to rds should allow inbound from the security group you assigned to codebuild project
Thank you for your help! I followed your instructions and configured my codebuild project to use my VPC. In addition, I added the security group of my backend to the codebuild project and allowed outbound access to rds the rds security group (TCP). I also added inbound connection to the security group of RDS to allow the security group of the backend (and code build).
Now the building of codebuild actually stops in a phase earlier. In the DOWNLOAD_SOURCE phase it complains about timing out when fetching the source code from S3. I am thinking it is no longer allowed access?