
Can't connect to RDS instance from EC2 instance

From EC2 instance i-78a8df00, I'm trying to connect to RDS instance mysql.************.us-east-1.rds.amazonaws.com. They are both in the U.S. East region. I added the security group of EC2 instance (sg-********) to the RDS security group, but that didn't help. It appears to be a firewall/DNS issue as it is timing out when running this command:

ubuntu@ip-10-195-189-237:~$ mysql -h mysql.************.us-east-1.rds.amazonaws.com 

ERROR 2003 (HY000): Can't connect to MySQL server on 'mysql.************.us-east-1.rds.amazonaws.com' (110)

I can connect to RDS instance fine from my local machine using the same line as above. I tried various forum solutions but those don't help.

Mark Shust at M.academy asked May 30 '13 13:05



1 Answer

I had a similar problem when I spun up a new EC2 instance but didn't change the setting in the RDS security group for the inbound IP address allowed to connect to port 3306 of my RDS instance.

The confusing bit was an option in the RDS dashboard called Security Groups. You don't need it to solve the problem.

What you really need is:

  • Go to the list of RDS instances
  • Click on the instance you are trying to connect to
  • Click the Security group rules section


This should open a new browser tab or window with the details of the security group. Locate the tabs in the bottom part, select the Inbound rules tab and click the Edit button.


Change the value to the IP address of your EC2 instance or an IPv4 CIDR block, e.g.

174.33.0.0/16

To get this value, you can either ssh into your instance and run ip addr, or run EC2 Manager in a browser and locate the value of Private IPs in your instance details.

sapenov answered Sep 24 '22 04:09
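
An added example, not part of the original question or answer: an offline check of which inbound rules on a database security group admit a given client on port 3306, covering both CIDR rules (the answer's fix) and security-group references (what the question tried), plus a check that the port is not open to 0.0.0.0/0. The group IDs, the 203.0.113.7 address and the rules are constructed placeholders in the JSON shape returned by aws ec2 describe-security-groups; 10.195.189.237 is the instance address visible in the question's shell prompt.

```python
import ipaddress

# Constructed sample shaped like one entry of `aws ec2 describe-security-groups`
# output; the group IDs and CIDRs are placeholders, not values from the post.
RDS_GROUP = {
    "GroupId": "sg-0rds0example",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}],      # e.g. a workstation
         "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
         "UserIdGroupPairs": [{"GroupId": "sg-0app0example"}]},
    ],
}

def _covers_port(perm, port):
    """True if the rule applies to TCP traffic on `port`."""
    if perm.get("IpProtocol") == "-1":          # "-1" means all protocols/ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def inbound_allowed(group, port, source_ip, source_groups=()):
    """Return the rules (as strings) that admit the source, or [] if none do."""
    addr = ipaddress.ip_address(source_ip)
    hits = []
    for perm in group.get("IpPermissions", []):
        if not _covers_port(perm, port):
            continue
        for rng in perm.get("IpRanges", []):
            if addr in ipaddress.ip_network(rng["CidrIp"], strict=False):
                hits.append("cidr:" + rng["CidrIp"])
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") in source_groups:
                hits.append("group:" + pair["GroupId"])
    return hits

def world_open(group, port):
    """True if any rule exposes `port` to 0.0.0.0/0 (worth tightening)."""
    return any(_covers_port(p, port) and
               any(r["CidrIp"] == "0.0.0.0/0" for r in p.get("IpRanges", []))
               for p in group.get("IpPermissions", []))

if __name__ == "__main__":
    # The EC2 instance is matched only by the port-22 rule, so 3306 times out.
    print(inbound_allowed(RDS_GROUP, 3306, "10.195.189.237", ["sg-0app0example"]))
```

An empty result for the instance's address on 3306 while the workstation address matches reproduces the symptom in the question: the local machine connects and the EC2 instance times out.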