Cannot connect to RDS PostgeSQL instance - postgresql

I have just created a new RDS instance with PostgreSQL but I cannot connect to it. I'm using the following command to connect:
psql --host=<dbendpoint> --port=5432 --username=<user> --password --dbname=<dbname>
I have been searching for information related to the problem, but none of the solutions have worked.
I have public access to the DB enabled.
I have allowed all traffic in the security group of the database.
The error I'm getting is this one:
psql: error: could not connect to server: Connection timed out
Is the server running on host "database-test-1-by-hand.cwsxzm3kzzim.us-west-1.rds.amazonaws.com" (204.236.171.212) and accepting
TCP/IP connections on port 5432?
Any idea about what's happening?
Update
Here are the options from the VPC the database is on:
I remember enabling the DNS hostname to allow public access.
Update 2
I have created an EC2 instance in the same VPC where the db instance is, and I have been able to connect to it.
The db instance is deployed in the same VPC, where I have 4 different subnets, two public and two private. This is the configuration:

Related

is it possible to connect to AWS RDS db instance(postgres) through ubuntu server installed out of aws(in my local)?

Actually i have to migrate the data from AWS RDS postgres to on premises postgres.
For this i have to establish connectivity between my AWS RDS db instance and on premises(ubuntu server).
I have already configured the inbound rules of security group in my RDS DB instance. But still i am not able to connect to AWS RDS db instance directly through my Ubuntu Machine..
Is there any issue with the firewall of my VM??
Error which i am getting:
psql: error: could not connect to server: Connection timed out
Is the server running on host "XXXXXX" (X.X.X.X/X) and accepting
TCP/IP connections on port 5432?
The database setting for publicly accessible is set to NO.
There are both public as well as private subnet associated with my RDS instance.
i have provided the type as postgreSQL , port 5432 , protocol TCP, source custom ip (X.X.X.X/32)
Any help will be much appreciated.
To access an Amazon RDS database from the Internet:
Set the database to Publicly Accessible = Yes (This resolves the DNS name to a Public IP address)
Put the database in a Public Subnet (Mixing public & private subnets in a Subnet Group is not advisable, because the results will be random! It will only be in one subnet at any time, but might change subnets when upgraded or failover is triggered.)
Add a Security Group that allows Inbound access on the appropriate port (PostgreSQL = 5432) from your IP address
Reference the database via its DNS Name shown in the Amazon RDS management console
Alternatively, keep the database in a Private Subnet and access via a VPN Connection or by Port Forwarding via a Bastion Server.

Unable to Connect to AWS RDS Postgres from local system

I have created an AWS RDS Instance with Postgres 10.6
I am trying to connect to it from my local system using below command:
psql --host=dev.xyz.ap-south-1.rds.amazonaws.com --port=5432 --user="postgres" --password --dbname=abc
The Inbound rules i have set are
Allow TCP traffic on 5432 from Anywhere.
Still I am getting below error:
psql: could not connect to server: Connection timed out
Is the server running on host "dev.xyz.ap-south-1.rds.amazonaws.com" (xxx.xxx.xxx.xxx) and accepting
TCP/IP connections on port 5432?
If Publicly accessible = No, then you will not be able to access the RDS database from outside the VPC.
This is because the DNS Name of the database will not resolve to an IP address.

AWS RDS "pg_hba.conf rejects connection for host"

I am working on setting up a Postgres instance on AWS through RDS. It has been placed into a VPC with a private subnet where the subnet CIDRs are: ["10.0.21.0/24", "10.0.22.0/24", "10.0.23.0/24"].
I have a public subnet and have successfully connected to postgres through a bastion node from public to private subnet and run queries through SSH port forwarding.
However, now I am trying to setup a connection from a lambda that lives in the same private subnet of the VPC. The lambda has access according to the security group, but I receive the following error:
OperationalError: (psycopg2.OperationalError) FATAL: PAM
authentication failed for user "service_worker" FATAL: pg_hba.conf
rejects connection for host "10.0.23.73", user "service_worker",
database "myDB", SSL off
I have connected successfully with service_worker through the bastion, but for some reason I can't do so through lambda. It seems like Postgres is rejecting this particular host. And I can't find any configuration or documentation that specifies how to change what RDS does when managing this information in the pg_hba.conf file.
Does anyone have any insight into telling Postgres that a connection from a host in the same subnet is ok? I'm assuming there is some security policy that I'm somehow missing in the mix of all this.
Thanks!
It turns out that
Role-based authentication is currently not supported for Amazon RDS
for PostgreSQL and Aurora PostgreSQL.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html
And because Lambdas inherently use role based auth, this fails.

AWS instance connection refused restored db instance

I cannot connect to a restored rds instance.
I create a new rds instance by restoring_from_snapshot.
It copies all settings except the security group so I modify it after boot.
Now I cannot get psql to connect to 5432 on the endpoint.
Despite identical settings
old working instance (can be access is in live usage)
new test instance based on snapshot
I have the exact same settings on both instances. The new instance starts with the default vpc sec group but I modified it to have the same.
The Instance also had many hours trying to propagate dns info. I have been trying the whole day to fix this.
What could I have possibly missed here.
The difference between the old(live) and new(test) is that the latter has no Multi AZ, no Backups, no Minor Version Upgrade. Ports are all default postgres 5432
psql response is that it asks for password with the new it says
psql: could not connect to server: Connection refused
Is the server running on host "**********.eu-central-1.rds.amazonaws.com" (**.**.**.**) and accepting
TCP/IP connections on port 5432?
It seems our company firewall won't let me out on port 5432.

RDS Postgresql DB connection timeout from Heroku

I'm unable to connect to a new PostgreSQL in AWS RDS.
I have a Heroku app and I would like to use Amazon RDS for my database instead of Heroku. For that I've been following this guide: https://www.reinteractive.net/posts/128-heroku-app-backed-by-an-aws-rds-postgres-database
I've made a backup from my current Heroku DB and want to load it on the new database.
My security group for the database allows all inbound connections for port 5432 (0.0.0.0/0) and I've made a new VPC to have my DB set as Publicly Accesible (DNS hostnames and DNS resolution enabled). I created the database on postgres version 9.4.9.
However when I do:
-f latest.sql --host=xxx.xxx.us-west-2.rds.amazonaws.com --port=5432 --username=awsuser --password --dbname=mydatabase
from my computer, I only get a connection time out error:
psql: could not connect to server: Connection timed out
Is the server running on host xxx.xxx.us-west-2.rds.amazonaws.com" (1.2.3.4) and accepting
TCP/IP connections on port 5432?
The server is indeed running. In this case latest.sql is the backup I did. After this I edited the Database security groups to accept all connections (0.0.0.0/0) too.
Database Rules
(from what I've read this should not be necessary because I already have the VPC Security Group), but the result is the same.
Is there any way to trace what's going on / why is my connection getting blocked?