0

The MySQL DB residing in AWS RDS was made to connect with resources in the same VPC. I always had to make it publicly accessible in order to connect to it through MySQL Workbench 8.0 CE on Windows 11. The moment I used the mysql(2) NPM package to connect to it from a NodeJS server running locally (using localhost) on the same network that I used to connect to the MySQL DB through MySQL Workbench, it connected successfully but then immediately lost the connection. It was weird to me because it was just two hours earlier that I had connected successfully to it through MySQL Workbench. I tried several other packages such as knex and @aws-sdk/client-rds-data, but they all had the same issue. So I went back to MySQL Workbench and the connection failed for the first time, although I made sure that the hostname, the port, the username and the password were correct, tried to establish a new connection, restarted my PC, made sure MySQL in the RDS is set to publicly accessible, and checked CloudTrail to make sure that no one touched its AWS settings, including myself, except for my changing its option when I made it publicly accessible.

Checking the logs, I found the following when trying to connect through the code using a valid user:

nodejs code caused an error

My public IP address:

my public IP address

The error I get when I am trying to connect to it on MySQL Workbench:

MySQL workbench error

What I did so far but none worked:

  • Disabled my network proxy.
  • Disabled my Firewall.
  • Manually set the DNS to Google DNS.
  • Reset my user password in the AWS RDS and tried the new password.
  • Enabled the VPN.

Please note that:

  • I can connect to the AWS RDS through my Lambda Function in the AWS Cloud in the same VPC.
  • The MySQL is running on a pod in the EKS and I can connect to it when executing the pod.
  • The Outbound rule of MySQL in the RDS in a Security Group allows all addresses to connect to it, and there are two other Inbound rules, one of which is public while the other is specific.

outbound rule in sg aws

My question is: How can I regain my local connection to it? What is the reason for losing the connection in the first place?

Any help will be definitely appreciated.

8
  • 1
    "Make publicly accessible" gives RDS a public IP. You need to ensure RDS is in a subnet that has a route to the internet gateway, and the security group the RDS instance is in has the correct port open from your home / work public IP to the RDS instance.
    – Tim
    Jun 14 at 21:26
  • 1
    Well... learning equals success. You're probably better off learning about networking than replicating production data into a personal AWS account. The changes to make an RDS database available to one IP on the internet securely are relatively simple. AWS Training is widely available, training for AWS architect / sysop would be appropriate. You could also hire a professional to help you with this.
    – Tim
    Jun 15 at 19:54
  • 1
    @Tim, I'm already taking a DevOps course on Udemy to cover the essentials first and didn't reach the Networking section yet. This issue is blocking my work so I can't possibly wait till I obtain the needed AWS certificates. Hiring a prof. sounds great except that it is pricey; no offense.
    Jun 15 at 20:55
  • 1
    Well, I gave you the answer above, you just need to learn enough to understand how to implement it :)
    – Tim
    Jun 15 at 22:07
  • 1
    Try from a different PC, if you're talking about your local firewall, or try with your firewall off. Otherwise if you want more AWS help you need to provide screenshots of RDS showing publicly accessible, RDS security group, RDS subnet, security group inbound and outbound rules, subnet, subnet route table, and internet gateway, so we can trace it to see what's wrong. Based on what you've said it could just be a local firewall, but everything you're saying is imprecise so it's difficult to tell.
    – Tim
    Jun 17 at 21:39

1 Answer

2

Generally the steps to resolve this are:

  • Make your RDS instance "publicly accessible". This allocates it a public IP address, but does nothing else.
  • Make sure the RDS instance is in a public subnet, i.e. it has a route to the internet gateway.
  • Ensure the security group grants access to the IP addresses on the internet that require access
  • Check the Network ACL
  • Make sure any firewall on your remote computer / local PC isn't blocking access

This answer is to cover off what was discussed in the comments so the question can be answered / closed off.
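The checklist in the answer above can be walked offline against exported AWS configuration. The following is an added example, not code from the question or the answer: the helper `checkReachability` and the layout of its input object are hypothetical, the field names follow the AWS describe output for DB instances, route tables, security groups and network ACLs, and every ID, CIDR and IP address is a constructed sample value.

```javascript
// Added example: offline walk-through of the answer's checklist.
// Field names follow AWS describe-* output; every value is constructed.
const ipToInt = ip => ip.split('.').reduce((n, o) => n * 256 + Number(o), 0);
function inCidr(ip, cidr) {
  const [base, bits] = cidr.split('/');
  const size = 2 ** (32 - Number(bits)); // addresses covered by the prefix
  return Math.floor(ipToInt(ip) / size) === Math.floor(ipToInt(base) / size);
}
const inRange = (range, port) => range.From <= port && port <= range.To;

// checkReachability and its input layout are hypothetical, not an AWS API.
function checkReachability({ db, routes, sgPermissions, naclEntries }, clientIp) {
  const port = db.Endpoint.Port;
  const findings = [];
  if (!db.PubliclyAccessible) findings.push('instance is not publicly accessible');
  const viaIgw = routes.some(r =>
    r.DestinationCidrBlock === '0.0.0.0/0' && (r.GatewayId || '').startsWith('igw-'));
  if (!viaIgw) findings.push('subnet has no default route to an internet gateway');
  const cidrs = sgPermissions
    .filter(p => p.IpProtocol === '-1' ||
      (p.IpProtocol === 'tcp' && inRange({ From: p.FromPort, To: p.ToPort }, port)))
    .flatMap(p => p.IpRanges.map(r => r.CidrIp));
  if (!cidrs.some(c => inCidr(clientIp, c)))
    findings.push(`security group does not admit ${clientIp} on port ${port}`);
  if (cidrs.includes('0.0.0.0/0'))
    findings.push(`port ${port} is open to 0.0.0.0/0; restrict to ${clientIp}/32`);
  // Inbound NACL entries: lowest rule number that matches decides.
  // (Outbound ephemeral ports for the replies are not checked here.)
  const hit = naclEntries.filter(e => !e.Egress)
    .sort((a, b) => a.RuleNumber - b.RuleNumber)
    .find(e => inCidr(clientIp, e.CidrBlock) &&
      (e.Protocol === '-1' || (e.Protocol === '6' && inRange(e.PortRange, port))));
  if (!hit || hit.RuleAction !== 'allow') findings.push('network ACL blocks the client');
  return findings;
}

const sample = { // constructed: public flag set, but subnet is private and SG is wide open
  db: { PubliclyAccessible: true, Endpoint: { Port: 3306 } },
  routes: [{ DestinationCidrBlock: '10.0.0.0/16', GatewayId: 'local' }],
  sgPermissions: [
    { IpProtocol: 'tcp', FromPort: 3306, ToPort: 3306, IpRanges: [{ CidrIp: '0.0.0.0/0' }] },
  ],
  naclEntries: [
    { RuleNumber: 100, Protocol: '-1', RuleAction: 'allow', Egress: false, CidrBlock: '0.0.0.0/0' },
    { RuleNumber: 32767, Protocol: '-1', RuleAction: 'deny', Egress: false, CidrBlock: '0.0.0.0/0' },
  ],
};
console.log(checkReachability(sample, '203.0.113.10'));
```

An empty result means the AWS-side items of the checklist pass for that client address, which leaves the local firewall as the remaining item to check.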
