How to use mySQLworkbench to connect to RDS in AWS private subnet VPC

Question

I am new in AWS VPC. I have question about how to connect mySQLworkbench to RDS in AWS private subnet.

I use VPC wizard to create scenario 2 : VPC with public and private subnets. From a lot of blogs and forums, most of the people recommend the database should be in private subnet, so I created the database in private subnet. I also created NAT gateway (not the instance). Is that anyway I could use mySQLworkbench from public (any) network to connect to the database in private subnet?

Thanks, Angela

Answer 1

I also followed the Scenario 2 in the AWS Documentation without the NAT parts. But now I can't access the RDS instance from my computer because RDS is in a private subnet.

To solve the accessibility problem I got the idea from this tutorial. I actually did not follow it, so I cannot recommend it.

What I actually did was:

1) I created an EC2 instance and gave it an ellastic IP.

2) Then I allowed the DB to receive traffic from this instance (this was already defined on the AWS tutorial, on the DB server Security Group).

3) Then I allowed an SSH connection from my computer to the EC2 instance.

4) Finnaly I was able to connect to the DB using MySQL WorkBench by establishing a connection "Standard TCP/IP over SSH"

The good thing is that this solution can be achieved using only Free Tier resources (at the time of writing) AFAIK.

Answer 2

Use VPN solution such as OpenVPN.

• Configure Openvpn server in public subnet.
• Push route of private subnet in server configuration
• Adjust the private route table to pass the vpn traffic through vpn server
• Connect to vpn using client configuration from your PC.
• Use Mysql workbench to connect to your DB instance

Other way as suggested previously, you can configure ssh bastion host and then use it as jump server to ssh into db instance. Accordingly configure mysqlworkbench connection to reach db