Can't connect to RDS instance from EC2 instance

Mark Shust at M.academy · May 30, 2013 · Viewed 58k times

From EC2 instance i-78a8df00, I'm trying to connect to RDS instance mysql.************.us-east-1.rds.amazonaws.com. They are both in the U.S. East region. I added the security group of the EC2 instance (sg-********) to the RDS security group, but that didn't help. It appears to be a firewall/DNS issue as it is timing out when running this command:

ubuntu@ip-10-195-189-237:~$ mysql -h mysql.************.us-east-1.rds.amazonaws.com

ERROR 2003 (HY000): Can't connect to MySQL server on 'mysql.************.us-east-1.rds.amazonaws.com' (110)

I can connect to the RDS instance fine from my local machine using the same line as above. I tried various forum solutions but those don't help.

Answer

sapenov · Oct 17, 2016

I had a similar problem when I spun up a new EC2 instance but didn't change the setting in the RDS security group for the inbound IP address allowed to connect to port 3306 of my RDS instance.

The confusing bit was an option in the RDS dashboard called Security Groups. You don't need it to solve the problem.

What you really need is to go to the list of RDS instances, click on the instance you are trying to connect to, then click on the middle tab, locate the Security and Network section and click on the name of the security group.

Screenshot of RDS Dashboard

This should open a new browser tab or window with the details of the security group. Locate the tabs in the bottom part, select the Inbound tab and click the Edit button.

Screenshot of VPC Security groups

Change the value to the IP address of your EC2 instance or to IPv4 CIDR blocks, e.g.

174.33.0.0/16

To get this value, you can either ssh into your instance and run ifconfig, or open EC2 Manager in a browser and locate the value of Private IPs in your instance details.
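
One way to check offline whether a security group's inbound rules admit the EC2 instance on port 3306, and how wide the matching range is. This is an added example, not part of the original answer. The rule list is constructed sample data in the shape returned by `aws ec2 describe-security-groups`; the group ID and the 203.0.113.25 address are placeholders, and 10.195.189.237 is the address shown in the shell prompt in the question.

```python
import ipaddress

# Constructed sample: the IpPermissions list of the RDS instance's security
# group, in the shape `aws ec2 describe-security-groups` returns.
# The group ID and addresses are placeholders, not values from a real account.
SAMPLE_RDS_SG_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "203.0.113.25/32"}],   # e.g. a workstation
     "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "10.195.0.0/16"}],
     "UserIdGroupPairs": [{"GroupId": "sg-0aaaaaaaaaaaaaaaa"}]},
]


def rule_covers_port(rule, port):
    """True if the rule applies to TCP traffic on `port`."""
    proto = rule.get("IpProtocol")
    if proto == "-1":                      # "-1" means all protocols and ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def matching_sources(rules, source_ip, source_groups=(), port=3306):
    """Return the inbound sources (CIDRs or group IDs) that admit the client."""
    ip = ipaddress.ip_address(source_ip)
    matches = []
    for rule in rules:
        if not rule_covers_port(rule, port):
            continue
        for r in rule.get("IpRanges", []):
            if ip in ipaddress.ip_network(r["CidrIp"], strict=False):
                matches.append(r["CidrIp"])
        for pair in rule.get("UserIdGroupPairs", []):
            if pair.get("GroupId") in source_groups:
                matches.append(pair["GroupId"])
    return matches


def widest_cidr(matches):
    """Of the matching CIDRs, return the one admitting the most addresses."""
    nets = [ipaddress.ip_network(m, strict=False) for m in matches if "/" in m]
    return str(min(nets, key=lambda n: n.prefixlen)) if nets else None
```

An empty result from `matching_sources` means no inbound rule covers the client, which is consistent with the connection timeout (error 110) in the question. `widest_cidr` shows how many other hosts the matching range also lets in.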