Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Access to a Mysql RDS through Apprunner

0

I'm trying to surface an RDS instance for access via apprunner for a wix website. I've setup everything as detailed here: https://dev.wix.com/docs/develop-websites/articles/databases/external-databases/aws/integrate-your-aws-databases-with-your-wix-site

the DB seems to be correctly setup as I can access it from mysql workbench and interact with the tables (so it has public accessibility) . However when I try to connect through app runner, I get a "You are not authorised" error.

App runner logs confirm a 401. the RDS instance gives a [MY-013360] warning, although on investigation this seems to a an incorrect user. (see https://lefred.be/content/mysql-whos-filling-my-error-log/)

I'm unsure if it's the app runner can't connect to RDS, or it connected fine, but the credentials are wrong, is there a way to work out the difference? I've tried DB multiple users/passwords and different security group inbound outbound rules (allowing all didn't fix the problem). Credentials are being passed through a secret manager.

I've run out of ideas to diagnose and test, so any ideas appreciated. When I try the default domain for apprunner, I get this:

Tópicos
Migração e modernizaçãoAnáliseBanco de dadosComputaçãoContêineresRede e entrega de conteúdo
Tags
Amazon Relational Database ServiceAWS App RunnerGrupo de segurançaMySQL
Idioma
English
DG
feita há um mês127 visualizações
2 Respostas
2
Resposta aceita

Hello.

I also configured my AWS account using the steps in the document below, and was able to confirm the connection to RDS MySQL.
I think I've probably overlooked some setting.
https://dev.wix.com/docs/develop-websites/articles/databases/external-databases/aws/integrate-your-aws-databases-with-your-wix-site
a

For example, are the secret manager settings as per the documentation?
If you configure the settings according to the document, "SECRET_KEY" and "DB" should have been added.
a

Also, are the IAM policies "SecretsManagerReadWrite" and "AmazonRDSDataFullAccess" attached to the AppRunner IAM role?
Are "CLOUD_VENDOR", "SECRET_NAME", and "TYPE" correctly registered in AppRunner's environment variables?

profile picture
ESPECIALISTA
Riku_Kobayashi
respondido há um mês
profile picture
ESPECIALISTA
Oleksii Bebych
avaliado há um mês
profile pictureAWS
ESPECIALISTA
Didier_Durand
avaliado há um mês
  • Riku_Kobayashi ESPECIALISTA
    há um mês

    Is there a guide anywhere for what environment variables you can set? Thanks for the help!

    I looked for the documentation but couldn't find it.

0

It was a config issue, I redefined my environment variables to plaintext rather than referencing the secret and that seemed to do the trick, After this I also ran into an authentication issue because I created the user with:

ALTER USER 'User' IDENTIFIED WITH caching_sha2_password BY 'Password'

rather than

ALTER USER 'User' IDENTIFIED WITH mysql_native_password BY 'Password'

Is there a guide anywhere for what environment variables you can set? Thanks for the help!

DG
respondido há um mês

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante