Muddessar Iqbal

Reputation: 11

AWS RDS (MySQL) Secure Connection

I have the following AWS resources: an EC2 instance (running on the Windows platform) and an AWS RDS MySQL (compiled for Linux). I want to connect to the AWS RDS MySQL instance using SSL through MySQL client utilities like MySQL Workbench or TOAD for MySQL.

My questions

  1. Are the SSL CA, CERT Key files and SSL Cipher information located on the AWS RDS MySQL instance?
  2. How do I connect to AWS RDS MySQL to download these files?
  3. Are these files required for the above scenario?
  4. Can I use an SSH client to connect to AWS RDS (MySQL)? I have seen blogs/posts, but there the EC2 instance is Linux-based. My understanding is that SSH is used to remotely connect to Linux machines.

Is there any other way to connect to AWS RDS MySQL securely?

Upvotes: 1

Views: 906

Answers (4)

Arrow

Reputation: 163

You cannot SSH into an RDS instance as it is managed by AWS and you aren't given SSH access.

But we have an option to create an SSH tunnel to an EC2 instance that permits access to the RDS instance.

I got the reference from this video; I thought it may help others connect to AWS RDS DB instances from our local machine using an Amazon EC2 "SSH Tunnel".

Upvotes: 0

Alok Bavadekar

Reputation: 56

If you are using MySQL Workbench then it's pretty straightforward. Steps:

  1. Click on new MySQL connection.
  2. Give any connection name for your reference.
  3. In the hostname field, add the endpoint URL which you can get from the AWS RDS console. (Don't add :3306, it's the default.)
  4. In the username field, add the username you had added while creating the RDS instance.
  5. Keep the other params as they are and click on Test Connection. It will ask for the password which you had added while creating the RDS instance.
  6. If all the input params are correct, you are connected to the database.

Upvotes: 0

mootmoot

Reputation: 13166

The RDS server doesn't serve SSH.

However, you can create an SSH tunnel to an EC2 instance that permits access to the RDS instance. You may also enable compression within the connection using the SSH tunnel. Quite useful if you want to upload/download large data sets from RDS.

# E.g. EC2 instance = ec2servername
# Create a ssh tunnel to RDS , access through local port 5678  
ssh -C -o CompressionLevel=9  -N -L 5678:<your-rds-fqdn>:3306 <ec2username>@ec2servername -i ec2_private_key.pem

# mysql client connection 
mysql -u <rdsusername> -p <database name> -h 127.0.0.1 -P 5678 

Upvotes: 1

Mark B

Reputation: 200476

You can download the SSL certificates here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html

You cannot SSH into an RDS instance as it is managed by AWS and you aren't given SSH access.

In addition to using SSL you should configure the Security Groups in your VPC such that only servers within your VPC can access the RDS instance.

Upvotes: 0
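
The security-group advice in Mark B's answer can be checked mechanically. The following is an added example, not part of any answer above: it audits JSON in the shape returned by `aws ec2 describe-security-groups` for rules that open the MySQL port to sources outside the VPC CIDR. The function names, the sample groups and the 10.0.0.0/16 VPC range are constructed for illustration.

```python
import ipaddress

MYSQL_PORT = 3306

def covers_port(perm, port=MYSQL_PORT):
    """True if one IpPermissions entry allows TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means every protocol and every port
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def outside_vpc_sources(security_groups, vpc_cidr, port=MYSQL_PORT):
    """Return (group_id, cidr) pairs that open `port` to sources outside vpc_cidr."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            if not covers_port(perm, port):
                continue
            # Only CIDR sources are checked; rules that name another security group are skipped.
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                # subnet_of() needs matching IP versions, so test the version first.
                if not (net.version == vpc.version and net.subnet_of(vpc)):
                    findings.append((sg["GroupId"], cidr))
    return findings

# Constructed sample data: group ids and address ranges are placeholders.
SAMPLE = [
    {"GroupId": "sg-0example1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}, {"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example2", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "UserIdGroupPairs": [{"GroupId": "sg-0example1"}]}]},
    {"GroupId": "sg-0example3", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "203.0.113.7/32"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for group_id, cidr in outside_vpc_sources(SAMPLE, "10.0.0.0/16"):
        print(f"{group_id}: port {MYSQL_PORT} reachable from {cidr}")
```
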
