Reputation: 3135
Writing to an RDS MySQL database from an EC2 instance
I have a t2.micro instance running, that is producing some data that needs to be written to a database. So, I created a RDS database with MySQL on it.
The issue I'm facing is, nonsurprisingly, getting the EC2 instance to communicate with the RDS database in any way/shape/form.
I'm been battling with it all day. I'm left with these bits of confusion:
I figured I've just add the public IP of the EC2 instance to the security group of the RDS. Turns out the RDS doesn't really have a security group, only a VPN. So how do I allow communication from the EC2 instance, then?
Speaking of security groups, do I need to se the EC2 up to require outbound connections?
The RDS has an 'endpoint' and not a public IP as far as I can tell. So I can't add it to any security group at all. Is this correct?
Am I going to have to figure out how to use Elastic Beanstalk or some other way to get these components to play together?
These are all the things I'm trying to troubleshoot but I'm not getting anywhere. There doesn't seem to be any good blogs / etc; mostly what I'm finding is stuff on how to get the RDS to be accessed by your local hardware, not an EC2 instance.
How should I set this up?
Upvotes: 0
Views: 542
Answers (1)
Reputation: 61
There are two ways to allow inbound connection to RDS database: CIDR/IP or EC2 security group.
You can go to VPC, at the left panel there is "Security Groups" (yes, RDS do have security group). Click that, and choose your DB security group (if you already have the RDS instance created) or create a new one.
Under connection type, choose either CIDR/IP or EC2 security group.
If you choose to go with CIDR/IP, you should know what IP address your EC2 instance is and put the address or range in e.g. "10.11.12.0/24".
If you choose to go with EC2 security group, you should know the security group nameof your EC2 instance and select it from the dropdown provided e.g. "my security group".
Please note that the EC2 instance and the RDS instance need to be able to "see" each other i.e. in the same region, VPC, subnets with proper NACL (network access control list) etc.
Speaking of outbound connection and security group, no, security groups only manage inbound connection.
Hope that helps, let me know if I can make my answer clearer.
Upvotes: 1
Related Questions
- Connect to MySQL on Amazon AWS RDS
- Connecting to Amazon RDS MySql remotely
- Connecting to MySQL DB on RDS
- Accessing a database inside an EC2 instance
- Connecting EC2 to RDS via php
- Loading mysql file to rds database in AWS
- How do I do MySQL queries on an RDS instance from an EC2 instance?
- Connecting to RDS database from node.js
- AWS EC2 Send mysql_query to RDS failed
- Can't access AWS RDS MySQL from Webserver