
I’ve been struggling with this for 2 days now. Did a lot of research and troubleshooting for the most obvious things related to the connection. I’ll enumerate all I did and how everything is set up.

  1. I created a custom VPC for this in the 10.0.0.0/16 CIDR

  2. I created 6 subnets, 2 public, 2 private and 2 db public subnets.

  3. Created the route tables for the subnets.

  4. The public subnet and the db subnet have a route to the IGW

  5. The internet gateway is attached to the VPC.

  6. The database has been created with "public access" and also in the public db subnets.

  7. The Security Group has been updated with inbound rule. Eventually I would like to only connect from a given set of IPs but for now I’m opening to all IPs for troubleshooting.

So until this point according to all the tutorials, videos that I’ve watched I should be able to connect to the RDS instance.

One of the suggested troubleshooting steps was to try and TELNET into the instance.
I redacted the endpoint but that’s the one I got from the RDS panel.

➜  proj git:(main) ✗ telnet REDACTED.REDACTED.us-west-1.rds.amazonaws.com 5432
Trying XX.XXX.39.69...
telnet: connect to address XX.XXX.39.69: Operation timed out
telnet: Unable to connect to remote host

Another suggestion was to try from a different network. I did try on cellular data and also from a VPS in DigitalOcean, same effect.

Hope someone can guide me on this because it’s driving me crazy…

EDIT1: ENI Public IP address does match the resolved IP from TELNET

2 Answers


  1. Chosen as BEST ANSWER

    I ended up creating a new AWS account and ran the exact same configuration and it worked without any issue... I found some other reports where people are experiencing the same issue (see link below). Apparently it happens for accounts that were blocked/restricted and when they lift the restriction something stays broken. Sad news is that it requires technical assistance from AWS to solve and they won't accept the issue without raising a technical issue which requires a subscription...

    SSH connection drops after couple seconds on every new instance EC2, then any attempt to reconnect always return connection timed out error

    FINAL RESOLUTION FROM AWS.

    I did some research using an internal tool and see that resources in your account are under restricted access. I see that the account was reinstated recently from a suspended state. When accounts are suspended, the resources in all regions will be in restricted access. After the account is reinstated, this restriction should be removed in every region manually. I assume this was not done from our end thus I see the restriction.

    Please accept my apologies on behalf of AWS for the inconvenience caused due to the same.

    Moving further, I contacted my internal team and got the restriction removed in all regions for your account. I can confirm the restriction has been removed now. Please confirm whether you could connect to instance now.

    I once again apologize for the inconvenience caused. Please do not hesitate to get back to me if you have any other queries. I will be happy to assist you.

    Thank you and have a nice day!

    We value your feedback. Please share your experience by rating this and other correspondences in the AWS Support Center. You can rate a correspondence by selecting the stars in the top right corner of the correspondence.

    Best regards, Ruchikka C. Amazon Web Services


  2. To reproduce your situation, I did the following:

    • Created a VPC across 2 AZs, each with 1 Public, 1 Private and 1 "DB" subnet

    VPC Architecture

    (I then renamed private3 and private4 as my DB subnets.)

    • Edited the route table associated with the "DB" Subnets:

    Route Table

    • Made sure that Route Table was associated with my "DB" subnets:

    Subnet associations

    • Created a new DB Subnet Group containing the two "DB" subnets

    • Launched an Amazon RDS Database:

      • PostgreSQL 14.6
      • Dev/Test, Single DB instance
      • Instance type: db.t3.micro
      • Public access = Yes
      • Used the above DB Subnet Group
      • Create new Security Group
    • Confirmed that the auto-created security group permits Inbound port 5432 to my IP address (It did!)

    • Connected to the database using psql from my laptop:

    psql -h stack-db.cdigff1pjpzh.ap-southeast-2.rds.amazonaws.com -U postgres 
    Password for user postgres: 
    
    psql (15.2, server 14.6)
    SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, compression: off)
    Type "help" for help.
    
    postgres=>
    

    It connected just fine!

    Please compare my steps with yours to see what might be different.
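
An added example, not part of the question or either answer: the checks both posts walk through by hand (public access, a default route to the internet gateway for each DB subnet, an inbound rule on the database port), run over the JSON that `aws rds describe-db-instances`, `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups` return. The function names are hypothetical, the sample data is constructed, and network ACLs are assumed to be the VPC defaults.

```python
import ipaddress

def route_table_for(subnet_id, route_tables):
    # An explicit subnet association wins; otherwise the VPC main table applies.
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt["Associations"]):
            return rt
    return next((rt for rt in route_tables
                 if any(a.get("Main") for a in rt["Associations"])), None)

def has_igw_default_route(rt):
    return rt is not None and any(
        r.get("DestinationCidrBlock") == "0.0.0.0/0"
        and r.get("GatewayId", "").startswith("igw-") for r in rt["Routes"])

def sg_sources(groups, port):
    # IPv4 CIDRs allowed to reach `port` over TCP (or via an all-protocols rule).
    cidrs = []
    for perm in (p for g in groups for p in g["IpPermissions"]):
        proto = perm["IpProtocol"]
        if proto == "-1" or (proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]):
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
    return cidrs

def diagnose(db, route_tables, groups, client_ip):
    port, findings = db["Endpoint"]["Port"], []
    if not db["PubliclyAccessible"]:
        findings.append("PubliclyAccessible is false")
    for sid in (s["SubnetIdentifier"] for s in db["DBSubnetGroup"]["Subnets"]):
        if not has_igw_default_route(route_table_for(sid, route_tables)):
            findings.append(f"{sid}: no 0.0.0.0/0 route to an internet gateway")
    attached = {g["VpcSecurityGroupId"] for g in db["VpcSecurityGroups"]}
    cidrs = sg_sources([g for g in groups if g["GroupId"] in attached], port)
    ip = ipaddress.ip_address(client_ip)
    if not any(ip in ipaddress.ip_network(c) for c in cidrs):
        findings.append(f"no inbound rule admits {client_ip} on tcp/{port}")
    if "0.0.0.0/0" in cidrs:
        findings.append(f"tcp/{port} open to 0.0.0.0/0: narrow after troubleshooting")
    return findings

# Constructed sample in the shape of the AWS describe-* output; IDs are placeholders.
DB = {"PubliclyAccessible": True, "Endpoint": {"Port": 5432},
      "DBSubnetGroup": {"Subnets": [{"SubnetIdentifier": "subnet-db-a"},
                                    {"SubnetIdentifier": "subnet-db-b"}]},
      "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-db"}]}
ROUTE_TABLES = [{"Associations": [{"SubnetId": "subnet-db-a"}, {"SubnetId": "subnet-db-b"}],
                 "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]}]
GROUPS = [{"GroupId": "sg-db", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 5432,
           "ToPort": 5432, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]
```

For the sample above, which mirrors the question's setup, `diagnose` reports only the open-to-all inbound rule. When none of the reachability findings appear and the connection still times out, the cause lies outside these settings, as it did with the account restriction in the accepted answer.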
