
Connect to AWS RDS instance in VPC using local client

I have an application running on EC2 instances that store data in an RDS instance. All of these instances are in an AWS VPC with security groups configured to allow them to connect to each other.

For reporting purposes, I would like to connect to the RDS instance from my laptop (e.g. using SQLAlchemy) to run simple queries. Every time I try to connect using the connection string that the EC2 apps use, the connection times out.

For Google, one can use the Cloud SQL proxy for this, but I can't find an analogous product for AWS. Instead, it seems like what I am supposed to do is attach an internet gateway to the VPC and configure the security groups to allow connection from my machine. However, the documents are unclear on how to do this other than allowing all inbound connections or allowing a static IP. Unfortunately my laptop doesn't have a static IP, and I'm uncomfortable allowing all inbound connections as it seems insecure and an invitation to attacks. I also have not been able to find a way to configure a security group to allow connections based on IAM credentials, for example using the AWS CLI. Since I will be routinely generating reports, a solution that involves updating a security group (i.e. allowing my current IP) every time I want to connect seems suboptimal.

I have tried following the following documents, but so far have had no success in finding a solution that does not allow all connections:
Allow users to connect to RDS using IAM *
Connecting to RDS instance from command line
Connecting to RDS on VPC from internet

*My RDS instance configuration does not allow me to enable IAM authentication; I'm not sure why:

IAM Database Authentication is not supported for the configuration in the DB Instance db. 
Modify your Db Instance to another instance class and try again. 
(Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterCombination; 
Request ID: a6194fb8-2ab9-4a6a-a2be-63835e6e0184)

Is there something I'm not understanding or overlooking? Is allowing connections from all IPs not a big deal since the DB instance is still secured by DB user credentials?


Select this connection as per the screenshot. Then fill in all the details and use your NAT instance .pem file to connect. It's like you are connecting to the VPC through the NAT gateway or Internet gateway, bypassing this.

Another option is to install a VPN on the VPC and connect.
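
The SSH-tunnel approach from the answer above, scripted so that a SQLAlchemy report job can open the forward itself. This is an added example, not code from the original post. It assumes a jump (NAT/bastion) instance in the VPC that accepts SSH with the .pem key, the `ec2-user` login, a database URL with an explicit port, and placeholder hostnames; the function names are hypothetical.

```python
import socket
import subprocess
import time
from contextlib import contextmanager
from urllib.parse import urlsplit, urlunsplit

def ssh_forward_argv(key_path, jump_host, db_host, db_port, local_port, user="ec2-user"):
    """argv for an SSH local port forward through the jump (NAT/bastion) instance."""
    return [
        "ssh", "-i", key_path, "-N",
        "-o", "ExitOnForwardFailure=yes",  # exit instead of idling if the forward fails
        "-o", "ServerAliveInterval=30",
        # Listen on loopback only, so other hosts on the laptop's network cannot use it.
        "-L", f"127.0.0.1:{local_port}:{db_host}:{db_port}",
        f"{user}@{jump_host}",
    ]

def tunneled_url(db_url, local_port):
    """Rewrite a database URL so it targets the local end of the tunnel."""
    parts = urlsplit(db_url)
    creds = parts.netloc.rpartition("@")[0]  # "user:password" or "" if absent
    netloc = f"{creds}@127.0.0.1:{local_port}" if creds else f"127.0.0.1:{local_port}"
    return urlunsplit(parts._replace(netloc=netloc))

@contextmanager
def rds_tunnel(db_url, key_path, jump_host, local_port=15432, timeout=15):
    """Start the forward, wait until the local port accepts, yield the rewritten URL."""
    parts = urlsplit(db_url)
    argv = ssh_forward_argv(key_path, jump_host, parts.hostname, parts.port, local_port)
    proc = subprocess.Popen(argv)
    try:
        deadline = time.monotonic() + timeout
        while True:
            if proc.poll() is not None:
                raise RuntimeError("ssh exited before the tunnel came up")
            try:
                socket.create_connection(("127.0.0.1", local_port), timeout=1).close()
                break
            except OSError:
                if time.monotonic() > deadline:
                    raise TimeoutError("tunnel did not come up")
                time.sleep(0.3)
        yield tunneled_url(db_url, local_port)
    finally:
        proc.terminate()
        proc.wait()

# Usage (placeholder names):
# with rds_tunnel(DB_URL, "bastion.pem", "bastion.example.com") as url:
#     engine = sqlalchemy.create_engine(url)
```

With this setup the RDS security group only needs to allow inbound traffic from the jump instance's security group, so the database never has to accept connections from arbitrary internet addresses.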
