0

It has been fine in the past. This morning all of sudden, we cannot connect to mySQL DB on AWS RDS from local workbench or a local server. Fortunately, the connections can be established from our production servers.

I looked at the logs, and these logs looked not that harmful

2017-11-29T18:01:17.871384Z 20148 [Note] Access denied for user 'mysqld'@'XXX.XXX.XXX.XXX' (using password: YES)
2017-11-29T18:01:23.754096Z 20149 [Warning] IP address 'XXX.XXX.XXX.XXX' could not be resolved: Temporary failure in name resolution
2017-11-29T18:01:23.999460Z 20149 [Note] Access denied for user 'mysqld'@'XXX.XXX.XXX.XXX' (using password: YES)
2017-11-29T18:01:34.539682Z 20150 [Warning] IP address 'XXX.XXX.XXX.XXX' could not be resolved: Temporary failure in name resolution
2017-11-29T18:01:34.752762Z 20150 [Note] Access denied for user 'mysqld'@'XXX.XXX.XXX.XXX' (using password: YES)

Also on the AWS console, this part is in red

Multi AZ
No

I don't know what caused this issue. We are all blocked. Can someone help? Or having the same issue.

Grace Huang
  • 109
  • 3
  • Have you checked your firewalls (both locally and in AWS)? What about the source part of the MySQL user permissions? If you have CloudTrail enabled, you can also use that to look for changes that have been made. – Xiong Chiamiov Nov 29 '17 at 18:34
  • Just checked CloudTrail. Besides some recent logins, there are no other changes made. – Grace Huang Nov 29 '17 at 18:47
  • Without an idea of your AWS infrastructure I’m not sure how we can help. Where is and what is your “local workbench.” Where is or what is your “production servers.” Where are they located, how are they connected, what ip addressing is used, are you trying to connect by hostname or IP, etc. – Appleoddity Nov 30 '17 at 04:16
  • What does local mean? Local on your desktop? Local on a instance in a VPC? Is the db pubically accessible ? Is the rds in a VPC? How do you supply the grants? IP addresses can change so use the endpoint. – strongjz Nov 30 '17 at 05:12
  • Thanks for help! It turned out IT blocked all the "suspicious" ports on the router, which includes 3306 :/ It has been fixed by removing the restriction on the ports. – Grace Huang Nov 30 '17 at 05:26

0 Answers0