Score:0

AWS Postgres database IP in security group, how to enter info to survive IP address changes?

mj_

I have an existing prod Postgres database and I would like to replicate a table to a new Postgres database. In order to get the two to be able to talk to each other, I had to edit an AWS security group and add the public IP address of the new database since both databases are on a common VPC. While reading, I saw that the public IP of an RDS database can change. This would mean that the IP entered into the security group is no longer valid.

Is there a way to add my new database into the security group without being impacted by IP address changes?

Score:0
Tim

If they're in the same VPC I would put them in different security groups, but then the rules between the security groups would be by SG name rather than IP address / CIDR range.

New database SG

Existing Database SG
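The following added example, not part of the original answer, audits data shaped like `describe-security-groups` output for Postgres ingress rules keyed to a public IP instead of a security group reference. The sample data is constructed, and the function names and labels are assumptions of this example.

```python
import ipaddress
PG_PORT = 5432
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def covers_port(perm, port=PG_PORT):
    """True if an IpPermissions entry applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def classify_cidr(cidr):
    """Label an IPv4 CIDR source (labels are this example's own)."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen == 0:
        return "open"
    if any(net.subnet_of(r) for r in RFC1918):
        return "private-cidr"
    return "public-ip"  # goes stale when the peer's public IP changes

def audit_postgres_ingress(groups, port=PG_PORT):
    """Return (group_id, source, label) for every ingress source on `port`."""
    findings = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):
            if not covers_port(perm, port):
                continue
            for pair in perm.get("UserIdGroupPairs", []):
                findings.append((sg["GroupId"], pair["GroupId"], "sg-reference"))
            for rng in perm.get("IpRanges", []):
                findings.append((sg["GroupId"], rng["CidrIp"],
                                 classify_cidr(rng["CidrIp"])))
    return findings

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
SAMPLE = [
    {"GroupId": "sg-EXISTING", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "203.0.113.25/32"}],
         "UserIdGroupPairs": [{"GroupId": "sg-NEW"}]}]},
    {"GroupId": "sg-NEW", "IpPermissions": []},
]

if __name__ == "__main__":
    for finding in audit_postgres_ingress(SAMPLE):
        print(*finding)
```

A security group reference matches traffic by the private IP addresses of the source group's network interfaces, so it only takes effect when the connection uses private addressing.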

mj_
Alright, I did that. I have a common VPC, two security groups (sg-NEW and sg-EXISTING) where Postgres prod has sg-EXISTING and Postgres new has sg-NEW and sg-EXISTING. sg-EXISTING has an inbound rule for sg-NEW. I removed the inbound route for the public IP and it stopped working.
Tim
Address the existing database using the DNS name for the RDS database rather than a public IP.
mj_
I see that when I attempt to address the DNS name for the Prod database, the public IP is returned for it. Within a VPC, is there a way to force a local IP to get used instead?
Tim
I suspect that the public IP will be remapped to the private. What I've heard in the past is private IPs are used within the VPC, public IPs are done in the internet gateway as a type of NAT. What I don't know is if using the public IP will be translated to the private IP and directly accessed or if it will go via the internet. I'd disable the 0.0.0.0/0 route to the internet in the route table; if you can still contact RDS, it's using private IPs.