- Más nuevo
- Más votos
- Más comentarios
Have you tried Query Editor or Data API? They are easy ways to access Aurora Serverless.
Query Editor
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/query-editor.html
Data API
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html
connection refused usually means that there is some network connectivity issue. Can you check your Security Groups on RDS?
Following link shows the steps that you would need:
https://aws.amazon.com/premiumsupport/knowledge-center/rds-connect-ec2-bastion-host/
Thank you for your answer, yes I opened all traffic in my RDS. I tried to follow those 2 articles which seem to have the same requirement as mine but the same result in the end :
Assuming that you want to connect to private RDS end-point from the Internet
- Set up bastion host in public subnet in your VPC along with Internet Gateway. Make sure you are able to log into bastion host with SSH keys.
- Set up SSH tunnel using RDS end-point as host followed by : and port number. Open the SSH session on bastion host along with tunnel setting.
- You should be able to connect to RDS end-point from tool running on your machine over the internet. Hope this helps.
Thank you @Sahin_v, but as mentioned My VPC is private only VPC with private SNs, and I don't have to change that requirement. i am able to connect to my private bastion host in private SN via SSM port forwarding, but from there to RDS port it hangs
You indicated this is a private VPC. Is there a route to the internet via an on-prem connection or have you added an endpoint for SSM? If not, then the SSMAgent in the instance has no route to connect to the SSM Service. The SSMAgent originates the connectivity outbound. If this sounds like your situation take a look at Step 6: (Optional) Create a Virtual Private Cloud endpoint (https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-create-vpc.html)
it's a private VPC linked with another Public VPC with a TGW, but mine is a private VPC and should stay private VPC
You should make a tunnel using the bastion host that can be connected with session manager.
Please check the following link:
https://aws.amazon.com/premiumsupport/knowledge-center/systems-manager-ssh-vpc-resources/
These are external links and I haven't verified their steps, but I think this could help you. https://www.element7.io/2021/01/aws-ssm-session-manager-port-forwarding-to-rds-without-ssh/ https://www.linkedin.com/pulse/remote-port-forwarding-using-aws-ssm-session-manager-jaros%C5%82aw-grz%C4%85bel/?articleId=6704645407001120768 https://www.reddit.com/r/aws/comments/gh8cde/ssm_session_manager_portforwarding_to_rds_wout_ssh/
You need a few extra configuration steps on the bastion host to be able to port forward to a destination outside of the instance.
Contenido relevante
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 4 años
Thank you for your reply, with DATA API I can connect my NodeJs/NestJs application to my private RDS DB at the moment of application launch?