What are the security group rules for Amazon RDS DB instance and EC2 instance over the different VPCs with VPC Peering?
What security group rules should I set for my DB instance and my EC2 instance for accessing the DB instance from my EC2 instance?
Both are in different VPCs and I used VPC Peering between them.
I did the following configuration:
So, how should I set both security group rules for establishing connections between them?
You should configure:
- A security group on the Amazon EC2 instance (App-SG) that permits access to the instance/application as desired
- A security group on the Amazon RDS DB instance (DB-SG) that permits inbound access on port 3306 for App-SG
That is, DB-SG should specifically refer to App-SG in the inbound rules.
When connecting from the EC2 to the database, make sure you are using the DNS Name of the RDS database. This should resolve to a private IP address.
The NAT Gateway is not required for the above connection.
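One way to check that DB-SG really follows this rule, as an added example that is not part of the original answer: the function below audits a security group description in the shape returned by `aws ec2 describe-security-groups` and reports anything other than an active reference to App-SG on port 3306. The group IDs, account ID and peering connection ID are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress

def covers_port(perm, port):
    """True if an IpPermissions entry applies to the given TCP port."""
    if perm.get("IpProtocol") == "-1":      # "-1" means all protocols and ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit_db_ingress(db_sg, app_sg_id, port=3306):
    """Return (allowed_from_app, findings) for one security group description."""
    allowed, findings = False, []
    for perm in db_sg.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") != app_sg_id:
                findings.append(f"port {port} open to unexpected group {pair.get('GroupId')}")
            elif pair.get("PeeringStatus", "active") != "active":
                findings.append(f"reference to {app_sg_id} is stale: peering {pair['PeeringStatus']}")
            else:
                allowed = True              # the rule the answer asks for
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            scope = "any IPv4 address" if net.prefixlen == 0 else f"{net.num_addresses} addresses"
            findings.append(f"port {port} open to CIDR {net} ({scope}) instead of {app_sg_id}")
    if not allowed:
        findings.append(f"no active rule lets {app_sg_id} reach port {port}")
    return allowed, findings

# Constructed sample data: every ID below is a placeholder, not a value from the page.
APP_SG = "sg-0app0000000000000"
GOOD_DB_SG = {"GroupId": "sg-0db00000000000000", "IpPermissions": [{
    "IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [],
    "UserIdGroupPairs": [{"GroupId": APP_SG, "UserId": "111122223333",
                          "VpcPeeringConnectionId": "pcx-0example",
                          "PeeringStatus": "active"}]}]}
BAD_DB_SG = {"GroupId": "sg-0db00000000000000", "IpPermissions": [{
    "IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]}

if __name__ == "__main__":
    for name, sg in (("good", GOOD_DB_SG), ("bad", BAD_DB_SG)):
        print(name, audit_db_ingress(sg, APP_SG))
```

A security group in a peered VPC can only be referenced when both VPCs are in the same Region; with inter-Region peering the inbound rule has to name the peer VPC's CIDR, which this check reports as a finding to review.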