AWS RDS (MySQL) Secure Connection

I have the following AWS resources: an EC2 instance (running on the Windows platform) and an AWS RDS MySQL (compiled for Linux). I want to connect to the AWS RDS MySQL instance using SSL through MySQL client utilities like MySQL Workbench or TOAD for MySQL.

My questions

  1. Are the SSL CA, CERT Key files and SSL Cipher information located on the AWS RDS MySQL instance?
  2. How do I connect to AWS RDS MySQL to download these files?
  3. Are these files required for the above scenario?
  4. Can I use an SSH client to connect to AWS RDS (MySQL)? I have seen blogs/posts, but there the EC2 instance is Linux-based. My understanding is that SSH is used to remotely connect to Linux machines.

Is there any other way to connect to AWS RDS MySQL securely?

The RDS server doesn't serve SSH.

However, you can create an SSH tunnel to an EC2 instance that permits access to the RDS instance. You may also enable compression within the connection using the SSH tunnel. Quite useful if you want to upload/download large data sets from RDS.

# E.g. EC2 instance = ec2servername
# Create a ssh tunnel to RDS , access through local port 5678  
ssh -C -o CompressionLevel=9  -N -L 5678:<your-rds-fqdn>:3306 <ec2username>@ec2servername -i ec2_private_key.pem

# mysql client connection 
mysql -u <rdsusername> -p <database name> -h 127.0.0.1 -P 5678 

You can download the SSL certificates here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

You cannot SSH into an RDS instance as it is managed by AWS and you aren't given SSH access.

In addition to using SSL you should configure the Security Groups in your VPC such that only servers within your VPC can access the RDS instance.

If you are using MySQL Workbench then it's pretty straightforward. Steps:

  1. Click on new MySQL connection.
  2. Give any Connection name for your reference.
  3. In the hostname field, add the endpoint URL which you can get from the AWS RDS console. (Don't add :3306, it's the default.)
  4. In the username field, add the username you added while creating the RDS instance.
  5. Keep the other params as they are and click on Test Connection. It will ask for the password which you added while creating the RDS instance.
  6. If all the input params are correct, you are connected to the database.

You cannot SSH into an RDS instance as it is managed by AWS and you aren't given SSH access.

But we have an option to create an SSH tunnel to an EC2 instance that permits access to the RDS instance.

I got the reference from this video; thought it may help others connect to AWS RDS DB instances from our local machine using an Amazon EC2 "SSH Tunnel".
