Score:0

Server

Lost Local Connection to MySQL DB that resides in AWS RDS

Tasneem ZH

6/14/24, 6:51 PM

The MySQL DB residing in AWS RDS was made to connect with resources in the same VPC. I always had to make it publicly accessible in order to connect to it through MySQL Workbench 8.0 CE in Windows 11. The moment that I used mysql(2) NPM package to connect to it in a NodeJS server running locally (using localhost) on the same network that I used to connect it to the MySQL DB through MySQL Workbench, it connects successfully but then immediately loses the connection. It was weird to me because it was just two hours ago when I connected successfully to it through MySQL Workbench. I tried several other packages such as knex and @aws-sdk/client-rds-data but they all had the same issue. So I went back to MySQL Workbench and the connection failed for the first time although I made sure that the hostname is correct, the port, the username the password, tried to establish a new connection, restarted my PC, made sure MySQL in the RDS is set to publicly accessible, and checked CloudTrail to make sure that no one touched its AWS settings including myself except my changing to its option when I make it publicly accessible.

Checking the logs, I found the following when trying to connect through the code using a valid user:

My public IP address:

The error I get when I am trying to connect to it on MySQL Workbench:

What I did so far but none worked:

Disabled my network proxy.
Disabled my Firewall.
Manually set the DNS to Google DNS.
Reset my user password in the AWS RDS and tried the new password.
Enabled the VPN.

Please note that:

I can connect to the AWS RDS through my Lambda Function in the AWS Cloud in the same VPC.
The MySQL is running on a pod in the EKS and I can connect to it when executing the pod.
The Outbound rule of MySQL in the RDS in a Security Group allows all addresses to connect to it, and two other Inbound rules that one of them is public while the other is specific.

My question is: How can I regain my local connection to it? What is the reason for losing the connection in the first place?

Any help will be definitely appreciated.

133

1 + 8

mysql

networking

localhost

amazon-web-services

node.js

Tim

6/14/24, 9:26 PM

"Make publicly accessible" gives RDS a public IP. You need to ensure RDS is in a subnet that has a route to the internet gateway, and the security group the RDS instance is in has the correct port open from your home / work public IP to the RDS instance.

Tasneem ZH

6/15/24, 6:02 PM

@Tim, thank you. In this case, I will replicate the DB into my personal AWS account to not miss with the curr. prod configs due to my little knowledge about networking. Will update the post once done

Tim

6/15/24, 7:54 PM

Well... learning equals success. You're probably better off learning about networking than replicating production data into a personal AWS account. The changes to make an RDS database available to one IP on the internet securely are relatively simple. AWS Training is widely available, training for AWS architect / sysop would be appropriate. You could also hire a professional to help you with this.

Tasneem ZH

6/15/24, 8:55 PM

@Tim, I'm already taking a DevOps course on Udemy to cover the essentials first and didn't reach the Networking section yet. This issue is blocking my work so I can't possibly wait till I obtain the needed AWS certificates. Hiring a prof. sounds great except that it is pricey; no offense.

Tim

6/15/24, 10:07 PM

Well, I gave you the answer above, you just need to learn enough to understand how to implement it :)

Tasneem ZH

6/17/24, 2:22 PM

I created a new DB with what you mentioned and it worked, but the replicated prod. DB didn't. No changes were needed for the prod. DB, as it allows all traffic in an Inbound rule, the Publicly Accessible option was turned on. It has 2 public subnets connected to an Internet Gateway, 6 private subnets connected via a router to a NAT with a Public connection and an IP. VPC's network ACL allows all traffic in the Inbound and Outbound rules. I was able to connect to it at some point but lost connection once I turned my Firewall on and remained disconnected even after turning it off.

Tim

6/17/24, 9:39 PM

Try from a different PC, if you're talking about your local firewall, or try with your firewall off. Otherwise if you want more AWS help you need to provide screenshots of RDS showing publicly accessible, RDS security group, RDS subnet, security group inbound and outbound rules, subnet, subnet route table, and internet gateway, so we can trace it to see what's wrong. Based on what you've said it could just be a local firewall, but everything you're saying is imprecise so it's difficult to tell.

Tasneem ZH

6/18/24, 7:55 AM

Thanks a lot, Tim! Trying a diff. PC worked. I did that by connecting to one through a VPN and by using the Remote Desktop with turning off the local Firewall and any third-party defender. I definitely think at this point that the issue is with my Firewall acting up

Score:2

Server

Tim

6/18/24, 9:21 PM

Generally the steps to resolve this are:

Make your RDS instance "publicly accessible". This allocates it a public IP address, but does nothing else
Make sure the RDS instance is in a public subnet, ie it has a route to the internet gateway
Ensure the security group grants access to the IP addresses on the internet that require access
Check the Network ACL
Make sure any firewall on your remote computer / local PC isn't blocking access

This answer is to cover off what was discussed in the comments so the question can be answered / closed off.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Lost Local Connection to MySQL DB that resides in AWS RDS

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.