Not able to connect to PostgreSQL from AWS ECS Fargate containers

I am setting up an infrastructure using Fargate and RDS for my web application.

Here are the basic details of infrastructure.

  1. Fargate and RDS are using the same VPC and the same subnet
  2. We have an Application Load Balancer in front of Fargate
  3. Able to access container applications using the LB URL

Now the problem is, Fargate container application is not able to connect to RDS

Can somebody suggest how to configure security groups or other parameters to allow containers to connect to RDS?

If I change the RDS SG configuration with the RDS port and IP as 0.0.0.0/0 (Anywhere), the container application is able to connect to RDS. But we will not be able to do this in UAT / PROD.

ajoy sinha asked Apr 01 '19 16:04



1 Answer

  1. Find the security group ID of your Fargate service. It will look like sg-ab3123b1252, but with different values after sg-.
  2. In your RDS security group rules, instead of putting a CIDR in your source field, put the Fargate service security group ID. Port 5432 (assuming you are using the standard PostgreSQL port).

By adding the Fargate security group to your RDS security group rule, you're saying "allow TCP traffic on port 5432 from any resource that uses the Source security group specified".

Check the default VPC group in the docs. That page is required reading anyway, but the section linked has an example of what I'm describing specifically.

bluescores answered Sep 20 '22 21:09
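The security-group-to-security-group rule the answer describes, written out as Terraform. This is an added example, not code from the answerer or from AWS; the VPC variable, the resource names (`fargate_tasks`, `rds_postgres`) and the rule names are assumptions chosen for illustration. The Fargate task security group is the one you would pass to the ECS service's `network_configuration`, and the RDS instance would be created with `vpc_security_group_ids` pointing at the RDS group.

```hcl
# Added example (not the answerer's code). Names and the vpc_id variable are
# assumptions; only the port (5432) and the pattern come from the answer.

variable "vpc_id" {
  description = "The VPC shared by the Fargate service and the RDS instance (assumed)"
  type        = string
}

# Security group attached to the Fargate tasks (the ID the answer says to look up).
resource "aws_security_group" "fargate_tasks" {
  name        = "app-fargate-tasks"
  description = "Fargate tasks for the web application"
  vpc_id      = var.vpc_id
}

# Security group attached to the RDS PostgreSQL instance.
resource "aws_security_group" "rds_postgres" {
  name        = "app-rds-postgres"
  description = "RDS PostgreSQL instance"
  vpc_id      = var.vpc_id
}

# Inbound to RDS: TCP 5432 only from resources that carry the Fargate task SG.
# source_security_group_id replaces the CIDR the question used.
resource "aws_security_group_rule" "rds_from_fargate" {
  type                     = "ingress"
  security_group_id        = aws_security_group.rds_postgres.id
  from_port                = 5432
  to_port                  = 5432
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.fargate_tasks.id
  description              = "PostgreSQL from Fargate tasks only"
}

# Outbound from the tasks to RDS. Only needed because an aws_security_group
# resource managed by Terraform drops the AWS default allow-all egress;
# for an egress rule, source_security_group_id is the destination group.
resource "aws_security_group_rule" "fargate_to_rds" {
  type                     = "egress"
  security_group_id        = aws_security_group.fargate_tasks.id
  from_port                = 5432
  to_port                  = 5432
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.rds_postgres.id
  description              = "PostgreSQL to the RDS security group"
}

# For contrast, the rule from the question that "works" in dev but exposes the
# database port to the whole VPC (or the internet, if the subnet is public).
# Kept commented out so it is never applied by accident.
#
# resource "aws_security_group_rule" "rds_from_anywhere" {
#   type              = "ingress"
#   security_group_id = aws_security_group.rds_postgres.id
#   from_port         = 5432
#   to_port           = 5432
#   protocol          = "tcp"
#   cidr_blocks       = ["0.0.0.0/0"]
# }
```

The two rules are declared as separate `aws_security_group_rule` resources rather than inline `ingress`/`egress` blocks because each group references the other; inline blocks would create a dependency cycle between the two `aws_security_group` resources. After applying, `aws ec2 describe-security-groups --group-ids <rds-sg-id>` should show an `IpPermissions` entry on port 5432 whose `UserIdGroupPairs` names the Fargate group and whose `IpRanges` list is empty; any `0.0.0.0/0` entry there is the configuration the question says must not reach UAT/PROD.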