Can I access RDS and elasticache redis through AWS fargate task role?

Question

I tried to access the aws service rds and elasticache redis through fargate's task role.

I connected the full access of the service to the task role, but it was not connected, so I allowed the subnet with the security group setting, and the connection was possible.

Is it possible to access only after setting the original role and security group?

Or did I not set the role properly?

Answer

Hi AWS-User-3005727,

If I understood your question correctly, it's if you can enable access to RDS from a Fargate task without modifying the RDS Security Group?

Supposing that's your quesiton, the answer would be NO, since RDS is always protected by a Security Group, there is no way any Fargate task role, by itself, can bypass that security group.

![Enter image description here](/media/postImages/original/IMoKDUYRPJTpmcD_-qaU3dvw)

What you could do **(but I wouldn't recommend it from a Security Standpoint)** is in the RDS Security group add a rule to Allow all Inbound from your Private Subnet's CIDR, that way by default any instance that lives in the subnet will be able to access the database.

I hope this answers your question, if it does please mark it as accepted answer, otherwise please create a new question with a more detailed question (hopefully with a diagram) to see how to best help you.

May you have happy holidays!

Can I access RDS and elasticache redis through AWS fargate task role?

相關內容