How to connect RDS from a different account with allowed IP in AWS?

Solution 1:

> can't ping the RDS cluster's endpoint

RDS typically doesn't respond to ping. Try to connect to it with your mysql or postgresql or whatever client right away without pinging.

Also make sure that all your routing is in order - that both VPCs have routes to the other VPCs through the TGW. The packets must find a way to go from EC2->TGW->RDS and also back from RDS->TGW->EC2.

Unless you have some other uses for TGW you may be better off with a simple VPC Peering for your use case.

That /27 vs /32 doesn't matter. One is the subnet range and one is the host IP. In the RDS SG it's enough to allow the host IP.

Hope that helps :)
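The two things the answer says to verify, the SG rule covering the host IP and a route via the TGW in both directions, as an added offline model (example code, not from the answer or from AWS); the rules, routes, IPs and `tgw-EXAMPLE` id are constructed sample data shaped like the describe-security-groups / describe-route-tables output:

```python
import ipaddress

# Constructed sample data (placeholders, not real resources).
TGW_ID = "tgw-EXAMPLE"
EC2_IP = "10.0.1.37"          # host inside the EC2 subnet 10.0.1.32/27
RDS_IP = "10.1.2.10"          # address the RDS endpoint resolves to

# RDS security group: a /32 for the host is enough; the /27 is not needed.
RDS_SG_INGRESS = [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "10.0.1.37/32"}]},
]

# Route tables: EC2 VPC is 10.0.0.0/16, RDS VPC is 10.1.0.0/16.
EC2_VPC_ROUTES = [
    {"DestinationCidrBlock": "10.0.0.0/16", "Target": "local"},
    {"DestinationCidrBlock": "10.1.0.0/16", "Target": TGW_ID},
]
RDS_VPC_ROUTES = [
    {"DestinationCidrBlock": "10.1.0.0/16", "Target": "local"},
    {"DestinationCidrBlock": "10.0.0.0/16", "Target": TGW_ID},
]
RDS_VPC_ROUTES_NO_RETURN = RDS_VPC_ROUTES[:1]   # return route missing


def sg_allows(ingress_rules, src_ip, port):
    """True if any inbound rule covers src_ip on the given TCP port."""
    ip = ipaddress.ip_address(src_ip)
    for rule in ingress_rules:
        if rule["IpProtocol"] not in ("tcp", "-1"):
            continue
        if rule["IpProtocol"] == "tcp" and not rule["FromPort"] <= port <= rule["ToPort"]:
            continue
        if any(ip in ipaddress.ip_network(r["CidrIp"]) for r in rule.get("IpRanges", [])):
            return True
    return False


def route_target(routes, dst_ip):
    """Longest-prefix match over a route table; returns the target or None."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for r in routes:
        net = ipaddress.ip_network(r["DestinationCidrBlock"])
        if ip in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, r["Target"])
    return best[1] if best else None


def path_is_symmetric(ec2_rt, rds_rt, ec2_ip, rds_ip, tgw_id):
    """EC2->TGW->RDS and RDS->TGW->EC2 must both be routed via the TGW."""
    return route_target(ec2_rt, rds_ip) == tgw_id and route_target(rds_rt, ec2_ip) == tgw_id
```

A missing return route in the RDS VPC makes `path_is_symmetric` false even though the SG check passes, which is the half-configured state that shows up as a hanging client connection.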