Connecting AWS EC2 API to AWS RDS on same VPC, works externally

1
votes

New to AWS, and I am attempting to connect an API on my EC2 instance with my RDS. Attempts return a 500 Error

What I am able to do successfully:

Connect to the RDS with an API hosted on an external server. Run API's on my EC2 instance, just not ones that connect to database.

What solutions I have attempted: Added new MYSQL/Aurora Inbound and Outbound rules to include: EC2 Private IPv4 Address/32 EC2 Public IPv4/32 EC2 Security Group

Because I can reach the database externally and run PHP scripts on the server, I am leading that the issue is with the EC2 Connecting with the RDS though I am sure it could be something else.

*I am using PHP APIs to connect to MySQL RDS

Thank you for your time and assistance.

1
amazon-web-servicesamazon-ec2amazon-rdsaws-security-group
Is 500 error a time out error? Do you have any message which goes with the error code?Marcin
@Marcin It's a 500 Internal Server Error with no messageJohn Alexander
What if you just use mysql client to connect to your db? It also does not work, or the issue is your API call?Marcin
@Marcin I have no issues connecting to the DB via a mysql client. Issue seems to be just coming from the EC2 APIs, which I was able to confirm working from external server.John Alexander

1 Answers

0
votes

If you connect the same way as the external server (maybe via port 3306) then the EC2 should connect via port 3306 too.

If your security group is blocking port 3306 , and you are connecting via the public endpoint, then you may not be able to connect to the database.

I recommend disabling public port 3306 access on the RDS , and only allow "internal" IP address to access the database via port 3306 , that way you can configure the EC2 to access the RDS using the internal IP address.

By internal I mean the LAN IP of the RDS, assuming they are in the same VPC and AZ (cross AZ can be allowed too, just depends on how you set it up).