Josh Jacka-Easter

Reputation: 31

Pool connection timeout - connecting to AWS RDS from EC2

I am trying to connect to an Amazon RDS (Postgres) instance from an EC2 server via a NodeJS application using the pg npm package. The error I am receiving (note I'm hitting my Node backend via a React app):

    OPTIONS /users/login 200 0.424 ms - 2
    Error fetching client from pool Error: Connection terminated due to connection timeout

I have tested the app locally and everything works perfectly (including connecting to RDS), but as soon as I run the app on the server I can't connect.

To simplify the problem, I have just typed my credentials explicitly into the NodeJS route file so I know there are no issues with environment variables etc. I then pushed my code to the server, pulled it as-is, and ran it. No luck. From a connection perspective, I just create a pool (require pool from pg) and then use pool.connect and client.query to make the request.

I feel like, given that it works locally, the issue is an AWS one with my networking/security groups, but I feel like I have tried everything:

  1. Ensured the db is set to public
  2. Created a fresh security group and added it to EC2 and to RDS
  3. Completely opened the ports (inbound and outbound)
  4. Created a VPC and added to both EC2 and RDS
  5. Checked the inbound/outbound are open on the VPC subnet NACL

Any help would be much appreciated. I am going insane.

Upvotes: 0

Views: 3826

Answers (1)

Raul Barreto

Reputation: 1124

Connect to your server and try to debug the connection with telnet or a PostgreSQL client.

The most common mistakes for this error are:

  1. RDS Security Group does not allow incoming connections from your VPC range or for the public EC2 server IP (in the case of a public database).
  2. RDS subnet does not allow outgoing connections in NACL. Keep in mind that only the first connection occurs on the port you define in RDS, the other connections occur on other ports; but I think this is not your case since you said you could connect locally.
  3. RDS Route Table doesn't allow connections from outside the VPC. But, again, I think that's not your case.
  4. EC2 Security Group does not allow outgoing connections to the RDS. This case is a little trickier but it can happen if you don't set the SG properly.
  5. The last case is that your EC2 server subnets do not allow connections to the internet. You said that you can connect locally, so I imagine that your RDS is properly set to allow public connections; however, you can have the case that you didn't connect an Internet Gateway or a NAT Gateway in your EC2 server Route Table or didn't properly configure the NACL to allow inbound/outbound connections from the internet.

Upvotes: 1
