1
votes

I created the infrastructure manually following the steps provided in the link: connecting-to-a-database-within-an-amazon-vpc.

I could connect to RDS in private subnet from ec2 in public subnet perfectly. That is exactly what I wanted.

But when I tried to create the same exact replica using terraform, it just doesn't connect.

The command:

nslookup <my-hostname>

gives me the Private IP.

The command:

telnet x.x.x.x 5432

results in "telnet: Unable to connect to remote host: Connection timed out"

The command:

netstat -an | grep x.x.x.x

shows "SYN_SENT".

I tried allowing all the IPs in the RDS security group by adding 0.0.0.0/0. That didn't work.

I tried to create RDS instance manually, but added it to terraform created VPC and tried to connect using terraform created ec2 instance. That didn't work.

Am I missing something? Any help is much appreciated.

2

2 Answers

0
votes

Troubleshooting steps:

  1. Check the security group's egress (outbound rules) on your public EC2 instance. Make sure it allows outbound traffic on port 5432 to reach RDS (which is in the private subnets).

  2. Check the security group's ingress (inbound rules) on your RDS instance. Make sure it allows port 5432 from the public EC2 instances' CIDR IPs or security groups.

If not, please update your Terraform code accordingly.
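An added example of what the two checks above look like in Terraform; this is not code from the question or the answer, and the VPC id variable, resource names, subnet group, engine settings and the `db_password` variable are assumptions. It uses separate `aws_security_group_rule` resources so that the EC2 and RDS security groups can reference each other without a dependency cycle, and it points the RDS instance at the security group that actually carries the ingress rule:

```hcl
# Added example, not the original poster's Terraform. Assumed inputs.
variable "vpc_id"             { type = string }
variable "private_subnet_ids" { type = list(string) }
variable "db_password"        { type = string, sensitive = true }

# Security group for the EC2 instance in the public subnet.
# Caveat: when Terraform creates an aws_security_group in a VPC it removes the
# "allow all" egress rule that AWS adds by default, so without an explicit egress
# rule the instance cannot even open a TCP connection to 5432 (the SYN is sent,
# nothing answers, and netstat shows the socket stuck in SYN_SENT).
resource "aws_security_group" "bastion" {
  name   = "bastion-sg"
  vpc_id = var.vpc_id
}

# Security group attached to the RDS instance in the private subnets.
resource "aws_security_group" "rds" {
  name   = "rds-postgres-sg"
  vpc_id = var.vpc_id
}

# Step 1: outbound from the EC2 security group to the RDS security group on 5432.
# For an egress rule, source_security_group_id is the destination group.
resource "aws_security_group_rule" "bastion_to_rds" {
  type                     = "egress"
  security_group_id        = aws_security_group.bastion.id
  from_port                = 5432
  to_port                  = 5432
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.rds.id
}

# Step 2: inbound to RDS from the EC2 security group only. Referencing the group
# instead of 0.0.0.0/0 keeps the database closed to everything else in the VPC.
resource "aws_security_group_rule" "rds_from_bastion" {
  type                     = "ingress"
  security_group_id        = aws_security_group.rds.id
  from_port                = 5432
  to_port                  = 5432
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.bastion.id
}

resource "aws_db_subnet_group" "private" {
  name       = "rds-private-subnets"
  subnet_ids = var.private_subnet_ids
}

# The instance must carry the group that holds the ingress rule; a rule added to
# a group the instance is not attached to has no effect.
resource "aws_db_instance" "postgres" {
  identifier             = "app-postgres"
  engine                 = "postgres"
  instance_class         = "db.t3.micro"
  allocated_storage      = 20
  port                   = 5432
  username               = "appuser"
  password               = var.db_password
  db_subnet_group_name   = aws_db_subnet_group.private.name
  vpc_security_group_ids = [aws_security_group.rds.id]
  publicly_accessible    = false
  skip_final_snapshot    = true
}
```

After `terraform apply`, `aws ec2 describe-security-groups --group-ids <bastion-sg-id>` should list the 5432 egress rule under `IpPermissionsEgress`, and the RDS instance's `VpcSecurityGroups` in `aws rds describe-db-instances` should show the `rds-postgres-sg` id; if either is missing, the connection will time out exactly as described in the question regardless of what the other group allows.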

0
votes

The EC2 instance is in a public subnet. That would mean ideally traffic would go through NAT Gateways. So I would suggest editing the security group rule of RDS to add a rule that allows the public IPs of the NAT Gateways to access port 5432.