Security Group Access Control for RDS is not working

Question

I have been banging on this for awhile and I can't get access to my RDS instance by using the security group of my instance. It works fine if I put in the public IP address using CIDR , but if I remove that and use the security group instead, it does not work.

I have reproduced it in my test environment as well. I have seen similar issue on the forums, but any answer seems to be being handle in a private chat. We have even tried assigning the security group through the api, but that results in the same behavior.

Could there be something about the EC2 Security group itself that causes it to not work?

What could be wrong? I can't get it working on my production boxes and am about to run into the limit of 20 IP Addresses.

score 0 · Accepted Answer · answered Jul 30 '13 at 03:29

0

Found the issue. It was entirely due to the difference between internal ip addresses and external ip addresses. We were access the RDS instance via the external IP, changing to the internal ip and everything works as expected.

CIDR for external access via external ip

Security Group for internal access via internal ip

answered Jul 30 '13 at 03:29

digidigo

473
1
4
8

I think you can mark your own question as answered. – Drew Khoury Aug 07 '13 at 13:26

Security Group Access Control for RDS is not working

1 Answers1