Can't connect to RDS instance from local computer (outside VPC)

Question

I have created 2 RDS instances inside a VPC with 3 public and 3 private subnets. Both have the public accessible option set to yes, yet I can only connect to one of them from my computer. The other one can only be accessed from an EC2 instance that is inside the VPC.

My understanding is that one of the RDS instances ended up inside a public subnet, while the other (the one I can't access from home) ended up inside a private subnet.

Question - Can I guarantee, on creation, that the instance will be inside a public subnet? If not, can I put the instance in a public subnet later, without changing the subnet from private to public?

I have checked this article from AWS Knowledge Center, but I didn't fully understand the solution. It seems the solution is to change a private subnet to public, which I ended up not doing since I have other EC2 instances inside the VPC that cannot be in public subnets. What I did so far was creating another VPC with public subnets only and recreating the RDS instance there.

Answer 1

Score: 3

When launching an Amazon RDS database, you must select a DB Subnet Group. This is a list of subnets where RDS is allowed to launch the database. The group must contain subnets from at least two Availability Zones.

If you wish to ensure that the database is launched in a public subnet, then make sure that the DB Subnet Group only contains public subnets.

If you have not started using the databases, I recommend that you terminate the databases, correct the entries in the DB Subnet Group and launch new databases. This will ensure that they are always in a public subnet.
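To see which subnets a DB Subnet Group actually allows, and so whether a database could land in a public one, each subnet can be classified by its effective route table. The following is an added example, not part of the original answer; the data is constructed in the shape of boto3's `describe_route_tables` and `describe_db_subnet_groups` responses, and all IDs and group names are made up. It treats a subnet as public when its route table sends `0.0.0.0/0` to an internet gateway, and falls back to the VPC's main route table when the subnet has no explicit association.

```python
# Constructed sample data shaped like boto3 ec2.describe_route_tables()
# and rds.describe_db_subnet_groups() output; every ID here is made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-pub-a"},
                      {"Main": False, "SubnetId": "subnet-pub-b"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
    {"RouteTableId": "rtb-nat", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-priv-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1"}]},
]
DB_SUBNET_GROUPS = [
    {"DBSubnetGroupName": "mixed", "VpcId": "vpc-1", "Subnets": [
        {"SubnetIdentifier": s} for s in
        ("subnet-pub-a", "subnet-priv-a", "subnet-priv-b")]},  # priv-b: main table
    {"DBSubnetGroupName": "public-only", "VpcId": "vpc-1", "Subnets": [
        {"SubnetIdentifier": s} for s in ("subnet-pub-a", "subnet-pub-b")]},
]

def has_igw_default_route(table):
    """True if the table sends IPv4 0.0.0.0/0 to an internet gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and (r.get("GatewayId") or "").startswith("igw-")
               for r in table["Routes"])

def route_table_for(subnet_id, vpc_id, tables):
    """Explicitly associated table, else the VPC's main route table."""
    main = None
    for t in (t for t in tables if t["VpcId"] == vpc_id):
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet_id:
                return t
            if a.get("Main"):
                main = t
    return main

def classify_group(group, tables):
    """Map each subnet of a DB subnet group to 'public' or 'private'."""
    out = {}
    for s in (x["SubnetIdentifier"] for x in group["Subnets"]):
        t = route_table_for(s, group["VpcId"], tables)
        out[s] = "public" if t and has_igw_default_route(t) else "private"
    return out

if __name__ == "__main__":
    print({g["DBSubnetGroupName"]: classify_group(g, ROUTE_TABLES) for g in DB_SUBNET_GROUPS})
```

The same check, run the other way, flags DB Subnet Groups that contain a public subnet when the database is meant to stay reachable only from inside the VPC.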

Published on March 12, 2023 at 06:56:55