DB Instances are not publicly accessible although created in public subnets

In the CLI doc for creating db instance and creating db cluster , it is mentioned that if publicly accessible flag is not specified explicitly, then the behavior is dependent on DBSubnetGroupName being specified or not. In my case, I specified the DBSubnetGroup which consists of public subnets and yet, the db instances created were not publicly accessible.

主题

数据库迁移与现代化分析

标签

PostgreSQL Amazon Relational Database Service 极光 PostgreSQL 数据库 Amazon Aurora

语言

English

Amogh

已提问 1 年前255 查看次数

2 回答

最新
投票最多
评论最多

You also need to specify the publicly-accessible attribute when creating or modifying the instance.

--publicly-accessible

审核人员

philaws

已回答 1 年前

Here is a link to a troubleshooting Document for public RDS accessibility. . . https://aws.amazon.com/premiumsupport/knowledge-center/rds-connectivity-instance-subnet-vpc/

Hope this helps.

tedtrent

已回答 1 年前

Amogh
1 年前
Thanks @tedtrent. From the doc, it appears we do need to modify the publicly accessible property. Does this mean that the default behavior depending on DBSubnetGroupName is not supported/valid anymore?
tedtrent
1 年前
As @philaws mentioned in his answer you may need to add --publicly-accessible when building the RDS instance. This is a security feature on RDS that by default prevents a DNS name resolving to a public IP address, which could expose it to malicious attacks on the Internet. This is a different behavior than with normal EC2 instances. Modifying the database instance's "Public accessibility" parameter in addition to the VPC security group helps restrict unauthorized access. Use caution with unrestricted access over the public internet.

DB Instances are not publicly accessible although created in public subnets

相关内容