AWS RDS Database instance not wanting to connect to GCP Compute Engine instance

Hello,

I am attempting to run a program on a GCP Compute Engine instance that connects to an AWS RDS database.

Each time I try to connect from the GCP instance, I receive the error: (2003, "Can't connect to MySQL server on '<endpoint-name>' (timed out)")

The application works fine when run in IDE, and I'm able to connect to the RDS through external programs, but it refuses to connect properly through the VM.

Is there something I've missed, maybe with the security, that would allow the two to communicate?

Thank you,

Claire

Topics

Database

Tags

Amazon RDS for SQL Server

Language

English

claireaw

asked 8 days ago107 views

1 Answer

Newest
Most votes
Most comments

Hello.

Because of the timeout error, I thought that the GCP Compute Engine IP address might not be allowed in the inbound rules of the security group on the RDS side.
What kind of rules are set for RDS security group settings?
Also, does RDS have public access enabled?
https://repost.aws/knowledge-center/rds-connectivity-instance-subnet-vpc

If you want to access privately, I think you need to connect AWS and GCP with a VPN etc.
https://cloud.google.com/network-connectivity/docs/vpn/tutorials/create-ha-vpn-connections-google-cloud-aws

EXPERT

Riku_Kobayashi

answered 8 days ago

EXPERT

Oleksii Bebych

reviewed 7 days ago

claireaw
8 days ago
Hello,

Thank you for the help, I'm very new at all of this.

I was messing with the inbound security rules for the RDS, and I managed to get it to work. I added an inbound rule for "All TCP", and "0.0.0.0". However, this doesn't seem to me like it's extraordinarily safe.

Though this is mostly a side project, it does have a public-facing front, so I'm going to make sure there's no potential vulnerabilities with the security rules.

-Claire
Riku_Kobayashi EXPERT
8 days ago

I added an inbound rule for "All TCP", and "0.0.0.0". However, this doesn't seem to me like it's extraordinarily safe.

As you know, this setting is not secure. If possible, configure MySQL's 3306 and IP addresses to only allow those from GCP Compute Engine.

Relevant content

How to create a Service Principal Name (SPN) for an AWS RDS-managed SQL Server instance computer object in AD?
Federico
asked 2 months ago
Unable to connect to Aurora mysql RDS instance from internet/local computer
dre
asked 5 months ago
RDS Reserved Instances - Change of Engine
AWSJackC
asked 10 months ago
How to get all compute resources connected with an RDS database programmatically?
Saru
asked 8 months ago
How can I use an SSH tunnel and MySQL Workbench to connect to a private Amazon RDS MySQL DB instance that uses a public EC2 instance?
AWS OFFICIALUpdated 2 years ago
How do I successfully connect to my Amazon RDS instance using an SSL connection?
AWS OFFICIALUpdated 2 years ago
Why can't I connect to my Amazon RDS for Oracle database instance?
AWS OFFICIALUpdated 9 months ago
How do I configure a Lambda function to connect to an RDS instance?
AWS OFFICIALUpdated a year ago
Amazon RDS now supports AWS Graviton3-based M7g and R7g database instances
EXPERT
Markus Adhiwiyogo
published a year ago
Optimize AWS costs without architectural changes or engineering overhead
EXPERT
rdoty
published a year ago