Connect to AWS RDS database from EC2
I'm student and I start to explore AWS with free tier EC2 and RDS. I have a spring boot app and this is my application.properties
server.port=8080
spring.datasource.url=jdbc:mysql://tiktok.cdo6k4mey5el.us-east-1.rds.amazonaws.com:3306/tiktok
spring.datasource.username=admin
spring.datasource.password=**********
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect
spring.jpa.hibernate.ddl-auto=update
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
When running application on my local laptop, I can connect to the RDS database and can perform CRUD actions there! However, when I deploy my app to EC2, I can not connect to MySQL on RDS!
These are my security groups for EC2 
An this is how I set the inbound with outbound on RDS
Could anyone have experience this before or found out what I did wrong to help me figure it out? Thank you!
The problem is related to your Inbound rules on the database, which are only accepting connections from your laptop and from the Database (yes, from itself!).
The typical configuration is:
- A Security Group on the EC2 instance (
EC2-SG) that permits:- Inbound: SSH (port 22) from your laptop on the Internet
- Outbound: All Traffic
- A Security Group on the RDS instance (
DB-SG) that permits:- Inbound: access on the database port from
EC2-SGand also from your laptop - Outbound rules not required
- Inbound: access on the database port from
That is, DB-SG should specifically reference EC2-SG. This way, any EC2 instance that is assigned the EC2-SG security group will be permitted to access the database.
If you are running a web application on the EC2 instance, then also add the necessary inbound ports (eg 80, 443).
In general, try to avoid mentioning specific IP addresses in Security Groups unless it is for a resource on the Internet.
In looking at your screenshots, I suspect that the Outbound rules on the EC2 instance (which are not shown) might be the problem. It should be allowing All Traffic outbound.
- How to recreate EC2 instances of an autoscaling group with terraform?
- AWS Cloudwatch Alarm Issue
- AWS EC2 | using Rusoto SDK: Couldn't find AWS credentials
- How to enable "Use for Hive table metadata" in "AWS Glue Data Catalog settings" using Terraform?
- Determine if instance is a part of some AutoScaling Group in AWS
- Difference bw "start_of_file" and "end_of_file" in AWS cloud agent configuration
- not authorized to perform: ec2:DescribeInstances because no identity-based policy allows the ec2:DescribeInstances action
- Environment specific ebextensions Beanstalk commands
- MySQL/Amazon RDS error: "you do not have SUPER privileges..."
- Is EC2 t3.micro created by ECS cluster eligible for free tier?
- Amazon Neptune OpenCypher - What is the cause for "Operation terminated (internal error)" when using SET after MERGE?
- AWS SAM CLI cannot access Dynamo DB when function is invoked locally
- EC2 instance connect : There was a problem setting up the instance connection
- Wildcard filter in aws-nuke
- Add advanced validation for AWS::Serverless::Api GET query params
- Organizing AWS IAM permissions: limit of 10 policies?
- AWS: S3 Bucket AWS You can't grant public access because Block public access settings are turned on for this account
- failed calling webhook "vingress.elbv2.k8s.aws"
- terraform tags for list variable not working
- Amazon SES successfully forwarded emails but respond with 451 4.3.0 This message could not be delivered
- Why should I use Amazon Kinesis and not SNS-SQS?
- AWS Elastic Load Balancing: Seeing extremely long initial connection time
- AWS: None of the Instances are sending data
- How to assign a role to an iam user?
- Can't connect to ECS service through ALB
- How do I reference a resource created from different module in my current module?
- Aws Workspace Client cannot be opened in Ubuntu - 20.04.6 LTS
- How can I host a React app on AWS with a Python backend?
- AWS Lambda - How to stop retries when there is a failure
- How Do I get Object URL for Amazon S3 object