Why can't I connect to Amazon RDS after setting it up?
By default RDS does not allow any connection that is not specified within the Security Group (SG). You can allow based on CIDR addressing or by Amazon account number which would allow any EC2 under that account to access it.
It is "just hanging" because you have not configured the firewall to accept MySQL connections from your other instance, so the packet is being dropped at the firewall level. To resolve this you need to:
- head into your AWS console
- EC2 tab
- Note down the security group of your MySQL server (we'll call this SG-MYSQL for now)
- click security groups on the left of the console
- click your group in the center menu SG-MYSQL
- click inbound tab
- select MySQL from the list, add the details of your client server and save the rule
NOTE: the source IP for the server will not be your Elastic IP (in most cases anyway); you will have an internal IP on the device (ifconfig on Linux will show you this).
A lot of talk here about security groups, but also check:
- Do the associated Subnets seem properly configured?
- Are the Subnets part of a Routing Group that seems properly configured (Internet Gateway specified, etc.)?
- Does the RDS say it's Publicly Accessible?
- And of course check the RDS Security Group and EC2 Security Group
- Don't forget your actual source IP may be an internal IP (if accessing internally via a VPC) or an external IP (which may be a router's IP, or an EC2 instance's Instance IP which is distinct from its Load Balancer / Elastic IP) -- to troubleshoot, you may try to allow access to all IPs and ports.
(The routing group was my problem; in creating a new subnet, I neglected to add it to a routing group with a gateway.)
Fixed.
Had to grant access to it in the security groups under the DB...
I had the same issue:
- Security Groups > rds-launch-wizard (or any name that was chosen for the DB SG)
- select the Inbound tab > edit
- add new rule
- MySQL
- Source -> insert the AWS VM IP (e.g. 12.3.14.80/32)
worked for me ...
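
The answers above turn on which source address the security group actually sees and which CIDR rule admits it. The following is an added example, not part of any answer: a small Python check that evaluates inbound rules, in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`, against a client address on port 3306 and reports any rule left open to every address. The rule set and the 10.0.1.25 private address are constructed sample data, and only CIDR-based rules are evaluated (rules that reference another security group are ignored).

```python
import ipaddress

# Constructed sample in the shape of the "IpPermissions" list from
# `aws ec2 describe-security-groups`. 12.3.14.80/32 is the example CIDR from
# the answer above; the SSH rule is made up for illustration.
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "12.3.14.80/32"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

def _covers_port(rule, port):
    """True if the rule's protocol and port range include TCP `port`."""
    if rule["IpProtocol"] == "-1":      # "-1" means all protocols and ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def matching_cidrs(rules, source_ip, port=3306):
    """Return the CIDR blocks that admit source_ip on the given TCP port."""
    addr = ipaddress.ip_address(source_ip)
    hits = []
    for rule in rules:
        if not _covers_port(rule, port):
            continue
        for rng in rule.get("IpRanges", []):
            if addr in ipaddress.ip_network(rng["CidrIp"], strict=False):
                hits.append(rng["CidrIp"])
    return hits

def world_open(rules, port=3306):
    """True if any rule exposes the port to every IPv4 address (prefix /0)."""
    return any(
        _covers_port(r, port) and any(
            ipaddress.ip_network(x["CidrIp"], strict=False).prefixlen == 0
            for x in r.get("IpRanges", []))
        for r in rules)

if __name__ == "__main__":
    # The same client seen by its public and by its private (constructed) address.
    for ip in ("12.3.14.80", "10.0.1.25"):
        hits = matching_cidrs(SAMPLE_RULES, ip)
        print(ip, "->", hits or "no matching rule: packets dropped, client hangs")
    print("3306 open to every address:", world_open(SAMPLE_RULES))
```

Running it against the rules exported after troubleshooting shows whether the client's real source address is covered and whether a temporary allow-all rule is still in place.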