Access to RDS in a private subnet from local machine
#
Securely connecting to an AWS RDS instanceThe instructions will help you connect to an AWS RDS instance without the need for that RDS resource to have a publicly available DNS. This connection can be made using a database client such as pgadmin. You will utilise AWS session manager to connect to a Bastion host (or jumpbox) within the same AWS account as your desired RDS database.
#
Pre-requisitesA SSH client installed - guide for Windows
Your Google account be given the relevant permissions to the AWS account and the EC2 instance (jumpbox)
The instance ID of the jumpbox
The private key for the EC2 instance that you will be connecting through
You will also need :
The DNS of the RDS instance you want to connect to
The port that is open on that RDS instance
The database within the RDS instance you want to connect to
The database credentials for the RDS instance you want to connect to
#
Steps#
1 - AWS credentialsEnsure that you have up to date AWS credentials for the account you want to access.
There are multiple ways to do this, you can read the guidance here.
Here we will describe one of them:
Go to https://hackney.awsapps.com/start#/ and log in using your Google account credentials
Expand the account that you will need access to and click on “Command line or programmatic access” next to the role that you want to use.
The role you will be using will have been explained to you beforehand.
- You are then provided with instructions on how to add the credentials you will be authenticating with (note macOs and Windows options).
#
2 - Connecting to RDSIn a shell - run the below command replacing the values in the table below with the ones for your connection.
You can then connect using your client on 127.0.0.1:9999