AWS Classroomnotes 08/Dec/2022

Connectivity in AWS RDS

  • A database in RDS can be made publicly accessible or accessible only within the VPC
  • To select the subnets, i.e. the AZs, where the database should be created, we use a DB subnet group.
  • The security group around the database has allow rules that permit traffic only from recommended sources
  • Generally, when applications access a database they need a connection string. A connection string has the following information
    • database fqdn/ip address
    • engine
    • port
    • credentials
  • Connection strings in applications can be configured in two ways

    • by changing config files (properties.xml, web.config)
    • by setting environment variables
  • Things to be checked

    • VPC
    • subnet group
    • security group
  • Let's create a security group for MySQL access within the VPC range. Note: the default VPC had a range of 172.31.0.0/16. MySQL works on port 3306 by default.
  • Navigate to VPC from Services
  • Now navigate to RDS and view the subnet groups
  • Now let's create a database with the default subnet group in AZ b, the security group created above, MySQL free tier eligible, and not publicly accessible
  • Connectivity Options
  • The database we have created is not publicly accessible, and the security group allows connections only from other devices in the same VPC on port 3306
  • Let's try to connect to this database from an external network (your laptop). It should not be allowed.
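The two settings configured above (ingress limited to port 3306 from 172.31.0.0/16, and no public endpoint) can also be checked from the JSON that `describe-security-groups` and `describe-db-instances` return. This is an added example, not part of the original notes; the group IDs, instance name and sample rules are constructed, and rules that reference another security group instead of a CIDR are not evaluated.

```python
import ipaddress

VPC_CIDR = "172.31.0.0/16"  # default VPC range quoted in the notes
MYSQL_PORT = 3306           # MySQL default port

def audit_security_group(sg, vpc_cidr=VPC_CIDR, port=MYSQL_PORT):
    """Return findings for ingress rules wider than 'MySQL port from inside the VPC'."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings = []
    for rule in sg.get("IpPermissions", []):
        # IpProtocol "-1" means all protocols and ports; FromPort/ToPort are then absent.
        if rule.get("IpProtocol") == "-1":
            ports = "all ports"
        elif (rule.get("FromPort"), rule.get("ToPort")) != (port, port):
            ports = f"ports {rule.get('FromPort')}-{rule.get('ToPort')}"
        else:
            ports = None
        if ports:
            findings.append(f"{sg['GroupId']}: rule opens {ports}, expected only {port}")
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in sources:
            net = ipaddress.ip_network(cidr, strict=False)
            # An IPv6 source can never fall inside the IPv4 VPC range.
            if net.version != vpc.version or not net.subnet_of(vpc):
                findings.append(f"{sg['GroupId']}: source {cidr} is outside VPC range {vpc_cidr}")
    return findings

def audit_db_instance(db):
    """Flag an RDS instance that has a public endpoint."""
    if db.get("PubliclyAccessible"):
        return [f"{db['DBInstanceIdentifier']}: PubliclyAccessible is true"]
    return []

# Constructed sample data (not real resources)
GOOD_SG = {"GroupId": "sg-example-good", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "172.31.0.0/16"}]}]}
BAD_SG = {"GroupId": "sg-example-bad", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "172.31.16.0/20"}]}]}
SAMPLE_DB = {"DBInstanceIdentifier": "example-db", "PubliclyAccessible": False}

if __name__ == "__main__":
    for finding in (audit_security_group(GOOD_SG) + audit_security_group(BAD_SG)
                    + audit_db_instance(SAMPLE_DB)):
        print(finding)
```
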

Next Steps

  • We will try connecting from a Windows VM by installing MySQL Workbench

About continuous learner

devops & cloud enthusiastic learner