While preparing to deploy a Java-based application on Amazon, I encountered a strange error — the EC2 instance was not able to access the RDS instance.
I looked into various forums, and many indicated that the only way to allow this is to add the public IP of the EC2 instance as an “authorized IP” (CIDR/IP) in the RDS instance’s security groups. I wanted to avoid that, as this did not seem right.
I tried out various combinations, and finally (with some background from one of the posts) things got working:
I got a whiff of what could be wrong here. Turns out, the EC2 instance’s security groups have to be added to the ‘default’ security group of the RDS instance for it to allow traffic from EC2. We need to select the ‘Connection Type’ as ‘EC2 Security Group’, which populates the active EC2 instance security groups in the ‘details’ cell, which can then be authorized.
Once the above is done, use the public IP of the RDS instance to connect. For instance, for MySQL, I used the following string:
mysql -u admin -p -h xxxxx.yyyyy.rds.amazonaws.com
and Voila! I got through!
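To check which DB security groups still rely on the CIDR/IP option instead of an EC2 security group, here is an added audit sketch; it is not code from the original post. It assumes input in the shape of `aws rds describe-db-security-groups` JSON output, and every name, account ID and address in the sample is constructed.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws rds describe-db-security-groups`
# output (assumption); names, IDs and addresses are made up.
SAMPLE = json.loads("""
{"DBSecurityGroups": [
  {"DBSecurityGroupName": "default",
   "EC2SecurityGroups": [
     {"Status": "authorized", "EC2SecurityGroupName": "app-servers",
      "EC2SecurityGroupOwnerId": "111122223333"}],
   "IPRanges": []},
  {"DBSecurityGroupName": "legacy",
   "EC2SecurityGroups": [
     {"Status": "revoking", "EC2SecurityGroupName": "old-app",
      "EC2SecurityGroupOwnerId": "111122223333"}],
   "IPRanges": [
     {"Status": "authorized", "CIDRIP": "203.0.113.10/32"},
     {"Status": "authorized", "CIDRIP": "0.0.0.0/0"}]}
]}
""")

ACTIVE = {"authorized", "authorizing"}  # rules that grant (or will grant) access

def audit_db_security_groups(doc):
    """Return (group, severity, detail) findings for CIDR/IP-based access."""
    findings = []
    for grp in doc.get("DBSecurityGroups", []):
        name = grp["DBSecurityGroupName"]
        ranges = [r for r in grp.get("IPRanges", []) if r.get("Status") in ACTIVE]
        groups = [g for g in grp.get("EC2SecurityGroups", []) if g.get("Status") in ACTIVE]
        for rng in ranges:
            net = ipaddress.ip_network(rng["CIDRIP"], strict=False)
            if net.prefixlen == 0:
                findings.append((name, "HIGH", f"{net} opens the database to any address"))
            elif net.num_addresses == 1:
                findings.append((name, "MEDIUM", f"{net} pins one host IP; prefer an EC2 security group"))
            else:
                findings.append((name, "MEDIUM", f"{net} authorizes {net.num_addresses} addresses by IP"))
        if not ranges and not groups:
            findings.append((name, "INFO", "no active ingress rule; clients cannot connect"))
    return findings

if __name__ == "__main__":
    for finding in audit_db_security_groups(SAMPLE):
        print(*finding, sep="\t")
```

A group that is authorized only through an EC2 security group, like the constructed 'default' group above, produces no finding.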