I am running into an issue trying to connect to my RDS database with Sequel Pro anywhere outside of the IP Address where the instance was created. I came to this conclusion after trying to connect to my db form two computers with the correct information and good Wi-fi, but I would get a time out error. As a result I followed the AWS instructions to setup a VPC security group with the following setup, MYSQL/Aurora - TCP - 3306 - *my IP address*. I thought this was all that needed to be done, but I'm still getting the error and I'm unsure how to connect the security group to my RDS instance despite reading the documentation. Can anyone help?
Asked
Active
Viewed 3,091 times
2
cphill
- 5,596
- 16
- 89
- 182
-
https://stackoverflow.com/questions/32893876/accessing-rds-from-within-a-docker-container-not-getting-through-security-group – Alexander Mills Jul 01 '18 at 23:21
1 Answers
3
The first step to identify the problem is to figure out where your RDS instance lies. Is it inside the VPC or is it in the classic network. This part is very important. Additionally, if it's inside the VPC, when creating it there should have been an option to enable public access or not.
After creating a new security group (I'd look at your current one and copy all the settings to your new one + the mysql access change like you have above). Simply go to the RDS console, click on the instance you want to modify, select actions, modify and adjust your security group.
If you don't have the public access enabled and you are in the VPC then you're options are more limited. You'd probably have to bridge your connection over an existing ec2 instance that can both reach the outside and the VPC. Or like I do, have a VPN into your VPC directly.
Sadly all of this is very dependent on your VPC design, and where things lie on your network diagram. If my answer isn't helpful enough, try and provide more information and I can revise.
comjf
- 404
- 4
- 9
-
Hey @comjf thank you for your answer. It is definitely inside a VPC since I receive this message, "Your account does not support the EC2-Classic Platform in this region." And tells me to use VPC security groups. I selected my instance and see where I can adjust my security group. If I change it just for the day to gain access to my current IP Address, will I have trouble switching back to my default security group at a later point? Will this cause any issues? – cphill Oct 24 '15 at 13:32
-
@cphill you have two options here. You can adjust your currently security group to add in a new rule (probably the easiest), or you can make a new security group and switch to it. The first option is probably better, and it sounds like you know how to do that... Find out which is attached to your instance, and simply edit it. It might take ~5 minutes for the changes to be applied. Also note that your IP can change a lot, so this kind of solution isn't the most ideal (As opposed to having a VPN directly into your VPC -- but that's much more complicated to setup). – comjf Oct 24 '15 at 18:29