Bobcares

Can’t connect to AWS RDS instance – How to fix

by | Jun 8, 2021

Can’t connect to AWS RDS instance? We can help you.

Often we receive requests from our customers that they are unable to connect to Amazon RDS account from other instances.

Here at Bobcares, we often handle requests from our customers to fix similar AWS errors as a part of our Server Management Services. Today we will see how our support engineers fix this for our customers.

How to fix Can’t connect to AWS RDS instance

Before going into the steps for fixing this error we will see what causes this error.

Causes :

  • DB instance is not in available state
  • The DB instance is not publicly accessible
  • Inbound rules for the security group do not allow connections.
  • The routing table does not include an Internet Gateway.

Methods to fix this issue:

Following are some of the aspects which help us to fix this issue.

1. Ensuring that the DB instance is in an available state

If we have recently launched or rebooted the DB instance, we must confirm that the DB instance is in the available state in the Amazon RDS console.

Depending on the size of the DB instance, it can take up to 20 minutes for the DB instance to become available for network connections.

And if it is in an available state, We can verify the connection by running either of the following commands:

telnet <RDS endpoint> <port number>
nc <RDS endpoint> <port number>

If either the telnet or nc commands succeed, then we can understand that a network connection was established.

So the issue may likely be caused by the user authentication to the database, such as user name and password.

2. Ensuring that inbound rules for the security group allow connections

For creating  an internet gateway and attaching it to VPC we can do the following:

1.  Firstly, we have to open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

2. Then click Internet Gateways, and then go to Create internet gateway.

3. We can name the internet gateway if we wish to as it is optional.

4. Also, it is optional to add or remove a tag.

  • [Add a tag] Choose Add tag and do the following:
  1. For Key, enter the key name.
  2. For Value, enter the key value.
  • [Remove a tag] Choose Remove to the right of the tag’s Key and Value.

5. After that we have to click Create internet gateway.

6. Now select the internet gateway that was created, and click Actions, Attach to VPC.

7. Finally, select the VPC from the list, and click Attach internet gateway.

3. Creating a custom route table

When we create a subnet, we automatically associate it with the main route table for the VPC.

By default, the main route table doesn’t contain a route to an internet gateway.

The following procedure creates a custom route table with a route that sends traffic destined outside the VPC to the internet gateway and then associates it with our subnet.

For creating a custom route table we can use the following steps:

1. Firstly, we have to open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

2. Then click Route Tables, and go to Create Route Table.

3. In the Create Route Table dialog box, optionally name your route table, then select your VPC, and then choose Yes, Create.

4. After that we can select the custom route table that we just created.

5. Then in the Routes tab, click Edit, Add another route, and add the following routes as necessary.

  • For IPv4 traffic, specify 0.0.0.0/0 in the Destination box, and select the internet gateway ID in the Target list.
  • For IPv6 traffic, specify ::/0 in the Destination box, and select the internet gateway ID in the Target list.

6. And in the Subnet Associations tab, we can click on Edit, select the Associate check box for the subnet.

7. Finally, click Save.

4. Creating a security group for internet access

By default, a VPC security group allows all outbound traffic.

However, we can create a new security group and add rules that allow inbound traffic from the internet.

Also, we can then associate the security group with instances in the public subnet.

For creating a security group and associating it with the instances we can do the following:

1. Firstly, we have to open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

2. Then click Security Groups, and go to Create Security Group.

3. In the Create Security Group dialog box, we can specify a name for the security group and a description.

4. After that we need to select the ID of our VPC from the VPC list, and then choose Yes, Create.

5. Next, we will select the security group. The details pane displays the details for the security group, plus tabs for working with its inbound rules and outbound rules.

6. On the Inbound Rules tab, click Edit. And then click Add Rule, and complete the required information.

For example:

We can select HTTP or HTTPS from the Type list, and enter the Source as 0.0.0.0/0 for IPv4 traffic, or ::/0 for IPv6 traffic.  Ensure to click Save after making the changes.

7. Next, we can open the Amazon EC2 console at https://console.aws.amazon.com/ec2/  and click Instances.

6. We have to select the instance and click Actions, then Networking, and then select Change Security Groups.

8. In the Change Security Groups dialog box, clear the check box for the currently selected security group, and select the new one.

Finally, click on Assign Security Groups.

5. Setting the DB instance to be accessible publicly

To check whether a DB instance is publicly accessible, we can use the Amazon RDS Console or the AWS CLI.

To change the Publicly Accessible property of the Amazon RDS instance to Yes:

1. Open the Amazon RDS console.

2. And click on Databases, and then select the DB instance.

3. Next, we have to click Modify.

4. Here, under Connectivity, we can extend the Additional configuration section, and click on Publicly accessible.

5. After that click Continue and then click Modify DB Instance.

[Need assistance? We can help you]

Conclusion

In short, we saw how our Support Techs fix “Can’t connect to AWS RDS instance ” for our Customers.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.