Reputation: 886
My original plan was to set up a serverless Aurora Postgres database on AWS to save money, since I needed something to use within a dev environment that we could connect to from our local machines. Having found out that you can't have a publicly accessible Aurora Serverless Postgres instance (AWS Aurora MySQL serverless: how to connect from MySQL Workbench), I decided to opt for a db.t3.medium on-demand instance instead. I created it using the following Terraform:
```hcl
resource "aws_rds_cluster" "operational_postgresql" {
  cluster_identifier        = "aurora-postgres-cluster-dev"
  engine                    = "aurora-postgresql"
  engine_version            = "14.3"
  availability_zones        = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
  database_name             = "operational_db"
  master_username           = "XXXXXX"
  master_password           = "XXXXXX"
  backup_retention_period   = 5
  preferred_backup_window   = "07:00-09:00"
  skip_final_snapshot       = false
  final_snapshot_identifier = "aurora-postgres-dev-cluster-backup"
}

resource "aws_rds_cluster_instance" "operational_postgresql_db_dev" {
  cluster_identifier  = aws_rds_cluster.operational_postgresql.id
  instance_class      = "db.t3.medium"
  engine              = aws_rds_cluster.operational_postgresql.engine
  engine_version      = aws_rds_cluster.operational_postgresql.engine_version
  publicly_accessible = true
}
```
I have verified that the cluster has a writer instance and a reader instance. I have also verified that the cluster is inside a VPC which is connected to an internet gateway (it's the default AWS VPC, since there was none specified in the Terraform). However, when I try to call this database with psycopg2 from my own machine, I get the following error:
*sqlalchemy.exc.OperationalError: (psycopg2.OperationalError) connection to server at "aurora-postgres-cluster.cluster-XXXXXXXXX.eu-west-1.rds.amazonaws.com" (52.XXX.XXX.XXX), port 5432 failed: Operation timed out
Is the server running on that host and accepting TCP/IP connections?*
Any help would be much appreciated.
Upvotes: 0
Views: 1130
Reputation: 334
The instances in the Aurora cluster each have an associated "security group". The security group is where you need to say IP address such-and-such (or IP range) is allowed to connect to port such-and-such. Then you can use that same security group across as many instances as you like. You find the security group listing from the EC2 console.
In the security group, there's an option to automatically fill in your own current IP as the address that's allowed to connect. I've found sometimes when going through a VPN, it doesn't pick up the address that it should use. The one that works most reliably for me is whatever comes back from `curl --silent ifconfig.me`.
Upvotes: 0
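The security group rule the answer describes, written in Terraform to match the question's configuration. This is an added example, not code from either poster; the resource name `aurora_dev_ingress`, the variable `dev_client_cidr` and the lookup of the default VPC are assumptions.

```hcl
# Added example. The names aurora_dev_ingress and dev_client_cidr are assumptions.

# Your public IPv4 address as a /32, e.g. the output of
# `curl --silent ifconfig.me` with "/32" appended.
variable "dev_client_cidr" {
  type        = string
  description = "Single client address allowed to reach the dev cluster"

  validation {
    # Must parse as a CIDR and be exactly one IPv4 host, never a wide range
    # such as 0.0.0.0/0 on a publicly accessible database.
    condition     = can(cidrhost(var.dev_client_cidr, 0)) && can(regex("^[0-9.]+/32$", var.dev_client_cidr))
    error_message = "dev_client_cidr must be a single IPv4 address in /32 form."
  }
}

# The question's cluster landed in the default VPC because none was specified.
data "aws_vpc" "default" {
  default = true
}

resource "aws_security_group" "aurora_dev_ingress" {
  name        = "aurora-dev-ingress"
  description = "PostgreSQL from one developer address"
  vpc_id      = data.aws_vpc.default.id

  ingress {
    description = "PostgreSQL"
    from_port   = 5432
    to_port     = 5432
    protocol    = "tcp"
    cidr_blocks = [var.dev_client_cidr]
  }
  # No egress block: security groups are stateful, so replies to
  # allowed inbound connections are permitted automatically.
}

# In the question's aws_rds_cluster.operational_postgresql block, add:
#   vpc_security_group_ids = [aws_security_group.aurora_dev_ingress.id]
```

Apply with `terraform apply -var 'dev_client_cidr=203.0.113.10/32'`, where 203.0.113.10 is a constructed documentation address standing in for your own.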