I have a Spring Boot application which uses a MySQL database. I have set up an EC2 instance and a private RDS instance. When I was making the RDS instance, in the connectivity section I connected it to my EC2 instance, which added some security groups on both ends by itself.
EC2 instance has two security groups:
- ec2-rds-x (added when RDS instance was made) – Here I have only an outbound rule with destination as the rds-ec2-x security group and no inbound rules.
- xyz-1 – Here, in the below picture, a MYSQL rule is defined for the private IPv4 address of the EC2 instance.
RDS Instance has these security groups:
- rds-ec2-x – where all the below inbound rules have source as ec2-rds-x and no outbound rules.
- xyz-1 – associated with CIDR/IP Outbound and Inbound type of connections (Can you also help me understand why these are showing up in the RDS instance security group section too?)
I was successful in connecting to my RDS instance using MySQL Workbench through EC2. Also I am able to test this remote db by creating an SSH tunnel through EC2 first on a local port 3037:
ssh -f <username>@<ec2-public-dns> -L 127.0.0.1:3307:<rds-endpoint>:<rds-port> -N -i <pem-file-path>
application.properties:
spring.datasource.url=jdbc:mysql://127.0.0.1:3307/<db-name>
# ... username, password
The above two steps work for my local computer as expected. But I was assuming the below database URL would be sufficient on the EC2 instance for it to connect to RDS. So I uploaded the JAR file with this application.properties:
spring.datasource.url=jdbc:mysql://<rds-endpoint>:<rds-port>/<db-name>
# ... username, password
But it doesn't work and throws an error starting with
com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
I am completely new to AWS and just starting with free tier. What am I doing wrong?
PS: I went through a plethora of search results on Google, YouTube and Stack Overflow. Most of them start with the RDS instance creation process, where they make the RDS instance publicly accessible. But recently AWS has started charging for public IPv4 addresses assigned to RDS. So, while keeping RDS private, I didn't find anything which answers my question.