I'm currently facing an issue with my ECS tasks connection to RDS which are deployed by using AWS Copilot CLI. Despite ensuring that the ECS task and the RDS have the same VPC and appropriate security groups for connection.
Interestingly, when I deploy using the same configuration on EC2 and Lambda, the connection is established without any issues. This is the same method I've used for my API and Bastion server, and they've been working perfectly fine.
Here are the expected and actual results:
The error message:
'{'S': 'FATAL', 'V': 'FATAL', 'C': '28000', 'M': 'no pg_hba. conf entry for host "x.x.x.x", user "x", database "x", no encryption', 'F': 'auth.c', 'L': '543', 'R': 'ClientAuthentication'}.
What I've tried so far:
I'm unable to share the exact code due to security reasons, but the process involves deploying the cluster and tasks in ECS through AWS Copilot CLI and trying to establish a connection to RDS.
I'm unsure as to why the same configuration works on EC2 and Lambda but not with ECS. Any insights or potential solutions to this problem would be greatly appreciated.
Certificate from the AWS RDS page used as SSL context in Python PostgreSQL driver library connection method parameters: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html#UsingWithRDS.SSL.CertificatesAllRegions
References from AWS Support: