I have a "publicly accessible" RDS PostgreSQL DB instance in its own VPC and an EC2 instance in a second, peered VPC. The SGs allow PostgreSQL protocol in both directions and both VPCs also have IGWs attached. pgAdmin connects to the RDS instance from the EC2 instance using the public IP address but not the provided hostname. I need to be able to use the hostname. Any suggestions to troubleshoot?
3 Answers
Hostnames of publicly accessible RDS instances are resolved differently from outside and from inside AWS. So from an EC2 instance it will be a private IP, while from the outside (e.g. from your local machine or another hosting provider) it will be a public one.
I'd suggest looking at the RDS instance security groups, keeping this fact in mind.
I was getting timeout errors.
I figured out the problem - the relevant route tables for both of the related VPCs had broken routes to the VPC Peering Connection (reported in the AWS Console as a "Blackhole"). I was able to connect to the RDS instance using the RDS "endpoint" address after creating new routes (pointing towards the other VPC) for each VPC's main route table.
Thank you to everyone for the suggestions.
nslookup on the RDS hostname from the EC2 instance? You probably need to include your route table configuration for the subnet the EC2 instance is in (in other words, does it have a specific route to the peered VPC?) and the exact security group settings of the RDS instance. – Mark B
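The two answers above fit together: inside AWS the hostname resolves to a private IP, and traffic to that IP then follows the route table, where a "Blackhole" peering route drops it while the public IP still leaves through the IGW. The following added example (not part of the original posts) applies longest-prefix matching to a constructed document shaped like `aws ec2 describe-route-tables` output; every ID, CIDR and address in it is a made-up placeholder.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# All IDs and CIDRs are placeholders, not values from the original thread.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-ec2example", "VpcId": "vpc-ec2example", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "10.1.0.0/16", "VpcPeeringConnectionId": "pcx-deleted", "State": "blackhole"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-ec2example", "State": "active"}
  ]}
]}
""")

TARGET_KEYS = ("VpcPeeringConnectionId", "GatewayId", "NatGatewayId",
               "TransitGatewayId", "NetworkInterfaceId")

def route_target(route):
    """Return the ID of whatever the route points at."""
    return next((route[k] for k in TARGET_KEYS if route.get(k)), "unknown")

def select_route(route_table, ip):
    """Longest-prefix match of ip against the table's IPv4 routes."""
    addr = ipaddress.ip_address(ip)
    best = None
    for route in route_table["Routes"]:
        cidr = route.get("DestinationCidrBlock")
        if cidr is None:  # skip IPv6 and prefix-list routes
            continue
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, route)
    return best[1] if best else None

def diagnose(doc, ip):
    """For each route table: (table id, chosen target, route state) for ip."""
    results = []
    for table in doc["RouteTables"]:
        route = select_route(table, ip)
        if route is None:
            results.append((table["RouteTableId"], None, "no-route"))
        else:
            results.append((table["RouteTableId"], route_target(route), route["State"]))
    return results

if __name__ == "__main__":
    # Constructed private and public addresses standing in for the DB instance.
    for ip in ("10.1.4.25", "203.0.113.10"):
        print(ip, diagnose(SAMPLE, ip))
```

Run it against the route tables of both VPCs, since return traffic from the RDS side needs an active peering route as well.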