I’ve created an RDS instance on AWS and am trying to connect to it using MySQL Workbench from my local machine. I’ve configured the RDS instance to be publicly accessible, it sits in a public subnet with access to an internet gateway, and its VPC security group accepts traffic from my IP address on port 3306. However, I cannot connect to the database (MySQL Workbench times out).
My RDS configuration:
My security group configuration:
The only way I can connect to it without issues is by configuring the security group to accept all traffic using IP 0.0.0.0/0 on port 3306, which has some obvious security concerns. I believe the fact that I can connect when the security group accepts all traffic proves that the problem is not with my ISP or any firewalls on my local network.
I feel like I’ve tried everything. Is there anything I’m missing?
2 Answers
Solution
For anyone using AWS RDS on a Mac, the solution to this problem is very straightforward. Just turn off Apple's Private Relay by going to System Settings > 'Your Name' > iCloud > Private Relay. This service routes your requests through multiple relays that encrypt your data and generate temporary IP addresses. The temporary IP addresses are what mess things up in this case. I can't believe this took me a week to figure out. I hope I can save someone else some time :)
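An added example, not part of the original question or answers: a Python check that compares the port 3306 ingress rules of a security group against the addresses your traffic actually leaves from. The rule layout follows the `IpPermissions` shape returned by boto3's `describe_security_groups`; the sample rules and addresses are constructed, and the list of observed egress addresses is assumed to have been collected by you.

```python
import ipaddress

# RFC 1918 ranges: a rule limited to these cannot match an internet client.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def cidrs_for_port(ip_permissions, port):
    """Return the IPv4 CIDRs of every ingress rule that covers a TCP port."""
    cidrs = []
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto == "-1":                      # "all traffic" rule, no port keys
            covers = True
        elif proto == "tcp":
            covers = perm["FromPort"] <= port <= perm["ToPort"]
        else:
            covers = False
        if covers:
            cidrs += [ipaddress.ip_network(r["CidrIp"])
                      for r in perm.get("IpRanges", [])]
    return cidrs

def diagnose(ip_permissions, observed_ips, port=3306):
    """List rules that are too wide or useless, and egress IPs no rule covers."""
    cidrs = cidrs_for_port(ip_permissions, port)
    findings = []
    for net in cidrs:
        if net.prefixlen == 0:
            findings.append(f"{net}: open to the whole internet")
        elif any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"{net}: private range, never matches an internet client")
    for ip in observed_ips:
        if not any(ipaddress.ip_address(ip) in net for net in cidrs):
            findings.append(f"{ip}: egress address not covered by any rule")
    return findings

# Constructed sample: one private CIDR and one /32 on 3306, plus an SSH rule.
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "172.31.0.0/16"}, {"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]
# Constructed: the ISP-assigned address and a temporary relay address.
OBSERVED = ["203.0.113.10", "198.51.100.77"]

if __name__ == "__main__":
    for line in diagnose(SAMPLE_RULES, OBSERVED):
        print(line)
```

An uncovered egress address explains a timeout that disappears under `0.0.0.0/0`: the allowlisted `/32` is correct for one path out of the machine but not for the one the connection took.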
The rule that you have allows traffic from 172.x.x.x, which is actually your subnet’s IP range.
If you’re trying to access from your local machine, you have to add your own IP address to the security group allow rules. You can do that in 2 ways: