How can I connect to Amazon RDS instance from Amazon EC2 instance

1
votes

I have set an Amazon EC2 instance and an Amazon RDS instance. These two instances are both available.

I tried to connect to the RDS instance from my localhost, and I succeeded:

(I'm sorry about the picture's content is in Chinese, but the content in the red border means "success".)

In a word, when I used my localhost, I can connect to the RDS instance that I just set successfully.

But when I tried to use the EC2 instance to connect the same RDS instance with oracle sqldeveloper, I CANNOT EVEN CONNECT TO IT.

The error message is:

The Network Adapter could not establish the connection

How can I solve this issue?

Update:

My Security Group is:

The security groups match the AWS EC2 instance`s PRIVATE IP.

1
amazon-web-servicesamazon-ec2amazon-rds
Check the security group in rds, make sure it whitelist your ip addressHariHaraSudhan
the security group table is here: i.imgur.com/Taf3ymo.png The security groups match the AWS EC2 instance`s PRIVATE IP.rueicyunyang
Question: Does it take a long time (eg 10 seconds) to give the error, or does the error appear immediately? A long delay suggests that there is no communication between the systems, normally caused by Security Group configurations. A fast delay says that the systems are talking, but the connection was refused.John Rotenstein
I have this same precise problem. The accepted answer is as noted helpful but not an exact answerWestCoastProjects

1 Answers

1
votes

This answer is not necessarily a fix for your situation, but rather a recommendation about how to configure a security group.

Rather than using IP addresses within a security group, it is better to refer to another security group.

The configuration would be:

  • EC2-SG security group: Attach this to your EC2 instance. Allow access on desired ports (eg port 80).
  • RDS-SG security group: Attach this to your RDS instance. Allow access from EC2-SG- on desired port (eg port 3306).

This way, the RDS-SG will permit access from any EC2 instance associated with the EC2-SG security group. This will continue to work even if IP addresses change or additional EC2 instances are launched with the same EC2-SG.