How do I link a security group to my AWS RDS instance

amazon-ec2 amazon-web-services postgresql rds
41,834

When your RDS instance is not in a VPC, then your RDS instance is associated with an RDS security group. Those security groups are controlled by the "Security Groups" section in the RDS console. From there, you can add EC2-Classic security groups for access:

  1. Select your RDS security group
  2. Select "EC2 Security Group" for the "Connection Type"
  3. Select this or another AWS account and fill in the other AWS account number if necessary
  4. Select or fill in the correct security group.
  5. Click "Authorize"

When your RDS instance is inside a VPC, then your RDS instance is associated with a VPC security group. Those security groups are controlled by the "Security Groups" section in the VPC console. From there, you can add other VPC security groups for access:

  1. Select your VPC security group
  2. Select the "Inbound Rules" tab
  3. Click "Edit"
  4. Add a new rule, select your protocol and port range. For "Source", type or select your security group. Only VPC security groups within the same VPC can be used for this purpose.
  5. Click "Save"

Note, when selecting the security group, depending on the browser you're using, the list may only appear once focus is in the "Source" edit box. It may also only appear if you start typing. Also, it may not appear at all. If this is the case, type in the source VPC security group's identifier (eg. sg-12345678).

Share:
41,834

Related videos on Youtube

nu everest
Author by

nu everest

Python, Django, Javascript, JQuery, C#, ASP.NET, MVC, CSS, SCSS, HTML, and PHP. Zurb's Foundation 5+ responsive front-end framework. Postgresql, MySQL, and SQLServer database backends. Nginx and IIS webservers. Amazon Cloud services including EC2, S3, RDS, Cloudfront, Route53, Lambda, and SES.

Updated on September 18, 2022

Comments

  • nu everest
    nu everest almost 2 years

    I have a postgres db setup on RDS. It is running great. However, I want to link this to a set of autoscaled EC2 instances sitting behind an ELB that all reside in a single EC2 security group.

    I've been told that it is possible to add a rule to the security group for the RDS instance that uses my EC2 security group as the source. When I go to the console and edit the RDS security group I only see the following options under the source column: Anywhere, Custom IP, and My IP.

    In the information pop-up at the top of the column it says: To specify a security group in another AWS account (EC2-Classic only), prefix it with the account ID and a forward slash, for example: 111122223333/OtherSecurityGroup. (looks like it may only be applicable to EC2-Classic)

    It does not let me type in the source dropdown box.

    Under the RDS section I notices they have option groups. However the default option group associated with my postgres instance is not editable.

    Therefore, I tried to create a new group. At this point I discovered that postgres is not listed as an available engine. I selected mysql instead just to see whether I could add options. It looks like I can add a security group to a mysql instance, but NOT a postgres instance.

    Do postgres instances not support this expected option?

    • Matt Houser
      Matt Houser over 9 years
      Is your RDS instance inside a VPC?
    • nu everest
      nu everest over 9 years
      Yes my RDS instance is inside a VPC.
  • brauliobo
    brauliobo over 7 years
    what about the inverse when the ec2 is in a vpc and the rds isn't?
  • dangel
    dangel over 4 years
    so... you mean add the Security Group that the EC2 instance is a part of to the RDS Security Group?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Connect to RDS from EC2 instance -- both inside VPC
Configure BIND with database backend and DLZ support
Connect to remote postgresql server on amazon ec2
rds_superuser role in postgres RDS server
pg_dump: how to install on Amazon Linux for PostgreSQL 9.5.2?
Extension exists but uuid_generate_v4 fails
Installing PostgreSQL Client v10 on AWS Amazon Linux (EC2) AMI
How do I keep my Amazon Linux EC2 instance /var/log/messages from being filled with dhclient and ec2net messages?
How to scp to ec2 instance via ssm agent using boto3 and send file
Loading credentials JSON with AWS SDK Results in Error