
I've spun up an RDS postgres database in an existing VPC (which has both public and private subnets - connected to a NAT gateway) which I've set as publicly accessible.

I've added the relevant IP addresses to the attached security group, and this has allowed internal access from inside the VPC but not external access.

I'm struggling to figure out where to start troubleshooting not being able to access the database externally from the safe-listed IPs.

I've run through the Amazon troubleshooting guides (is it set to public? does the VPC have internet access inbound and outbound? have you added the right security group and IPs?) but still no luck.

nc: connect to eksdatabase[redacted].amazonaws.com port 5439 (tcp) failed: Connection timed out
Mike
  • Random uneducated guess: can you ping the servers from outside with the public IPs? Is there perhaps something you need to set up for port forwarding? – Dennis Nolte Sep 27 '21 at 21:56
  • Welcome to [sf]. This is not a forum but a Q&A site. You are welcome to [answer your own question](/help/self-answer); remember that answers should be placed in the answer box below, as any other answer. If placed above, people will misinterpret it as part of the question and think your problem is not solved. After you post your answer below, you can then mark the problem as solved by clicking the outline of the tick mark so that it turns solid green. – Michael Hampton Sep 28 '21 at 11:36

1 Answer


I'm going to go ahead and answer my own question here for anyone else who finds themselves in this situation (probably not because you'll be smarter than I was) - Don't choose the default subnet group which includes all your private subnets... make a new subnet group with only your public subnets! Problem solved!

Mike
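
The check behind this answer, as an added example that is not part of the original post: it flags the subnets of a DB subnet group whose effective route table has no default route to an internet gateway. All subnet, route-table and gateway IDs are constructed, the data mirrors the shape of `aws ec2 describe-route-tables` and `aws rds describe-db-subnet-groups` output for a single VPC, and the function names are hypothetical.

```python
# Added example: classify the subnets of an RDS DB subnet group as public or
# private from their effective route tables. All IDs below are constructed.

def effective_route_table(subnet_id, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def is_public(route_table):
    """Public = an active default route whose target is an internet gateway."""
    if route_table is None:
        return False
    for route in route_table.get("Routes", []):
        if (route.get("DestinationCidrBlock") == "0.0.0.0/0"
                and route.get("GatewayId", "").startswith("igw-")
                and route.get("State", "active") == "active"):
            return True
    return False

def private_subnets(subnet_group, route_tables):
    """Subnets in the group that lack an internet-gateway default route."""
    ids = [s["SubnetIdentifier"] for s in subnet_group["Subnets"]]
    return [sid for sid in ids
            if not is_public(effective_route_table(sid, route_tables))]

# Constructed sample data (assumption: every route table is in the DB's VPC).
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa", "State": "active"}]},
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-pub-a"}, {"SubnetId": "subnet-pub-b"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0bbb", "State": "active"}]},
]
DEFAULT_GROUP = {"DBSubnetGroupName": "default", "Subnets": [
    {"SubnetIdentifier": s} for s in ("subnet-pub-a", "subnet-priv-a", "subnet-priv-b")]}
PUBLIC_ONLY_GROUP = {"DBSubnetGroupName": "public-only", "Subnets": [
    {"SubnetIdentifier": s} for s in ("subnet-pub-a", "subnet-pub-b")]}

if __name__ == "__main__":
    for group in (DEFAULT_GROUP, PUBLIC_ONLY_GROUP):
        bad = private_subnets(group, ROUTE_TABLES)
        print(group["DBSubnetGroupName"], "-> private subnets:", bad or "none")
```

A subnet with no explicit association falls back to the main route table, which is why the two private subnets here resolve to the NAT-routed table and are reported.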