2

I have set up a RDS instance with Multi-AZ support. It ended up in eu-west-1a. It is setup with "Publically available = YES"

I have a EC2 instance in eu-west-1c, from which I want to access the RDS database.

I do this to test connectivity:

nc -zv  <db>.eu-west-1.rds.amazonaws.com 3306

.. which times out.

Doing the same command from outside AWS works fine though.

So question is: how can I setup security groups to allow me to connect to a RDS from a EC2 instance in another AZ?

Markus Johansson
  • 151
  • 1
  • 3
  • 3
    What are your security group settings? – ceejayoz Oct 26 '15 at 16:00
  • 1
    Also, is your EC2 in a public subnet with a public IP? To connect to a public RDS, the EC2 instance will need public Internet access. Note: you can connect to a private RDS across AZs without needing public Internet access, and it wouldn't incur data transfer costs, if that sounds more appealing. To fully troubleshoot, you'd need to examine the Route Tables, Network ACLs, and Security Groups for the subnets that both the EC2 and RDS are in. – mfisherca Oct 28 '15 at 00:21
  • @Markus Did you find a solution to this issue? I'm seeing 'no route to host' when attempting to `nc` to the rds host & port from every other az other than the az that the rds instance is in. – Codebeef Jul 22 '16 at 21:21

0 Answers0