I'm new and trying to explore AWS, and I'm creating a test app running on IIS (EC2 set in Public) and MSSQL RDS (set in Private). However, my IIS is not able to connect to the RDS. Looking at my IIS EC2, it has a defined private IP too, the same subnet is also used by the RDS, the security group of the RDS allows the subnet of the EC2, and the IAM of the EC2 also has RDS Full access.

But still my EC2 won't connect to the RDS. May I ask what I'm missing in my settings?

1 Answer

It appears that your configuration is:

  • One VPC
  • A Public Subnet containing an Amazon EC2 instance
  • A Private Subnet containing an Amazon RDS for SQL Server instance
  • You are attempting to connect from the EC2 instance to the RDS db instance

For this to work, you should configure:

  • A Security Group (let's call it EC2-SG) that is associated with the EC2 instance, permitting connections such that you can log in to the EC2 instance
  • A Security Group (RDS-SG) associated with the RDS db instance, with an incoming connection configured for SQL Server (port 1433) with source set to EC2-SG

That is, the database security group should ALLOW an incoming connection with a source of the security group that is associated with the EC2 instance. The VPC will automatically figure out the IP addresses — you do not need to specify them.

Then, connect from the EC2 instance to the RDS db instance via the DNS Name of the RDS instance that is given in the RDS console.
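An added example, not part of the original answer: a small offline check that reads a security group in the JSON shape returned by `aws ec2 describe-security-groups` and reports whether it admits a client on port 1433, either through a security-group reference (the setup described above) or through a CIDR range. The group IDs, addresses and the function names are constructed placeholders, not values from the question.

```python
import ipaddress

# Constructed samples in the shape of `aws ec2 describe-security-groups` output.
# All IDs and CIDRs below are placeholders.
RDS_SG = {  # RDS-SG that references EC2-SG as its source
    "GroupId": "sg-0rds000000000000",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
         "UserIdGroupPairs": [{"GroupId": "sg-0ec2000000000000"}],
         "IpRanges": []},
    ],
}
CIDR_ONLY_SG = {  # RDS-SG that only allows one subnet by CIDR
    "GroupId": "sg-0rds111111111111",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
         "UserIdGroupPairs": [],
         "IpRanges": [{"CidrIp": "10.0.2.0/24"}]},
    ],
}

def port_matches(rule, port):
    if rule["IpProtocol"] == "-1":  # "-1" means all protocols and all ports
        return True
    return rule["IpProtocol"] == "tcp" and rule["FromPort"] <= port <= rule["ToPort"]

def explain_access(db_sg, client_sg_ids, client_private_ip, port=1433):
    """Return how (if at all) db_sg admits the client on the given TCP port."""
    ip = ipaddress.ip_address(client_private_ip)
    for rule in db_sg["IpPermissions"]:
        if not port_matches(rule, port):
            continue
        for pair in rule.get("UserIdGroupPairs", []):
            if pair["GroupId"] in client_sg_ids:
                return "allowed by security-group reference " + pair["GroupId"]
        for rng in rule.get("IpRanges", []):
            if ip in ipaddress.ip_network(rng["CidrIp"]):
                return "allowed by CIDR " + rng["CidrIp"]
    return "blocked: no inbound rule matches"

if __name__ == "__main__":
    ec2_groups = {"sg-0ec2000000000000"}  # groups attached to the EC2 instance
    print(explain_access(RDS_SG, ec2_groups, "10.0.1.25"))
    # A CIDR rule for a different subnet does not cover this instance's private IP
    print(explain_access(CIDR_ONLY_SG, ec2_groups, "10.0.1.25"))
```

The second call shows the failure mode a CIDR-based rule can hide: the rule exists, but the instance's private IP falls outside the allowed range, which a security-group reference avoids.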