postgresql amazon-web-services amazon-ec2 amazon-rds

Cannot connect RDS that was previously private to EC2 or local


I know questions like this have been asked before, but even if I follow the suggested advice, I cannot get a solution.

Previously I had a private RDS instance with postgres that was working fine with a Django web application hosted in an EC2 instance in my VPC.

Now I have the need to do a pg_dump from my local machine, so I thought of changing the public accessibility, and I did. Since I had no success but the website was still working, I looked for answers, and it turns out that I needed to accept inbound traffic in the security groups and in the ACL. So I did, and now I cannot connect to the db from either my local machine or my EC2 instance, so the website stopped working. Any clues? I've been on this all weekend. Thanks.


Solution

  • It appears that your situation is:

    There are two approaches you can take:

    Option 1: Make the database public

    To access the RDS database from outside of the VPC:

    However, this isn't great for security because there is a danger of exposing the database to the Internet.

    Option 2: Use a Jump-box

    You could access the RDS database without any configuration changes, but the connection needs to appear to be coming from within the VPC. You can do it as follows:

    First, confirm that you can SSH into the EC2 instance. You would use a command similar to:

    ssh -i key.pem ec2-user@IP-ADDRESS
    

    If the above works, then modify the SSH command to use port forwarding:

    ssh -i key.pem -L 5432:RDS-HOST-NAME:5432 ec2-user@IP-ADDRESS
    

    This will forward port 5432 on your own computer to the EC2 instance via SSH. Then, any traffic sent to localhost:5432 will be forwarded across the SSH connection. The EC2 instance will then send the traffic to RDS-HOST-NAME:5432. (Replace RDS-HOST-NAME with the DNS Name of the RDS database.)

    Then, in another Terminal window, you would run:

    pg_dump --host localhost --port 5432 ...
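
The jump-box procedure above as a single script, added here as an example and not part of the original answer: it opens the tunnel in the background, runs the dump, and closes the tunnel through an SSH control socket. `key.pem`, `ec2-user@IP-ADDRESS` and `RDS-HOST-NAME` are the answer's placeholders; the local port 15432, `dbuser`, `dbname`, `dump.pgdump` and the control-socket path are assumptions.

```shell
#!/usr/bin/env bash
# Added example: pg_dump through an SSH tunnel via the EC2 jump-box.
# KEY, JUMP and RDS_HOST reuse the answer's placeholders; LOCAL_PORT, DB_USER,
# DB_NAME, OUT and the control-socket path CTL are assumptions for illustration.
KEY="${KEY:-key.pem}"
JUMP="${JUMP:-ec2-user@IP-ADDRESS}"
RDS_HOST="${RDS_HOST:-RDS-HOST-NAME}"
LOCAL_PORT="${LOCAL_PORT:-15432}"   # not 5432, so a local PostgreSQL does not clash
DB_USER="${DB_USER:-dbuser}"
DB_NAME="${DB_NAME:-dbname}"
OUT="${OUT:-dump.pgdump}"
CTL="${CTL:-${TMPDIR:-/tmp}/rds-tunnel.$$}"

# Forward spec bound to loopback only, so other hosts on the local network
# cannot reach the database through this machine.
forward_spec() {
  printf '127.0.0.1:%s:%s:5432' "$LOCAL_PORT" "$RDS_HOST"
}

tunnel_open() {
  # -f -N: go to the background without running a remote command.
  # -M -S: master mode with a control socket, used later for a clean shutdown.
  # ExitOnForwardFailure: fail instead of staying up without the forward.
  ssh -i "$KEY" -f -N -M -S "$CTL" \
      -o ExitOnForwardFailure=yes \
      -L "$(forward_spec)" "$JUMP"
}

tunnel_close() {
  ssh -S "$CTL" -O exit "$JUMP"
}

dump_via_tunnel() {
  tunnel_open || return 1
  # The password is read from ~/.pgpass or PGPASSWORD, not the command line.
  pg_dump --host 127.0.0.1 --port "$LOCAL_PORT" \
          --username "$DB_USER" --format custom --file "$OUT" "$DB_NAME"
  dump_rc=$?
  tunnel_close          # always tear the tunnel down, even if the dump failed
  return "$dump_rc"
}

# Runs only when asked, e.g.:  ./rds_dump.sh run
if [ "${1:-}" = "run" ]; then
  dump_via_tunnel
fi
```

Because the database is reached from the EC2 instance, the RDS security group only needs to allow port 5432 from that instance, and the database can stay private.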