AWS RDS for PostgreSQL cannot be connected after several hours

Asked 14/9, 2018 at 2:26 Answered 8/2 at 8:45

I created several instances of RDS with PostgreSQL and get the same problems:

I can connect to all of them right after creating the instances.
After several hours (I stop working on it, turn off my laptop), I cannot connect to any of them again.
I use DBeaver for the connections, the error show is "Connection attempt timed out."

I attached the information of the RDS instances . Hope someone can help me with this problem. Thank you in advance.

Natika answered 14/9, 2018 at 2:26 Comment(1)

There seems to be an option under properties to "Connect on query execute". Try ticking that option. Also I see an option to auto refresh (clock symbol), try it with a large value at first – Sydelle 14/9, 2018 at 3:26

Finally, I found the answer for my problem. For the error of "connection timeout", one of the reasons can be from the security settings. Although I set it as public when creating the RDS instance, the instance is attached with a private VPC security group which is not exposed publicly.

I can access to RDS from the same IP address that I'm on when I created it. When I go to other place (or switching VPN), I'm unable to connect it. That explains the intermittent connection.

We can attach the RDS instance with a public security group inside the VPC (I don't think it is a good setting, just for the beginner in AWS like me) as below:

from Services, select EC2, select Security Groups in the left panel.
click "Create Security Group" button.
in the dialog, enter the name for the Group, e.g "postgres-public-access"
if you have several VPC's, make sure in the last dropdown that you select the same VPC that your database is in
in the dialog, click "Add Rule" button.
In the "Type" column, select "PostgreSQL" or other types of RDS instances (or you can input the port of your RDS instance, usually it is 5432 for Postgres).
In the "Source" column, enter "0.0.0.0/0".
Click "Save" button.
from Services, select RDS, select the RDS instance, click "Modify" button.
In "Network & Security", "Security group", select the VPC Security Group you just created, in my case, it is "postgres-public-access".
Click "Continue" button. Now you can go ahead and connect with your database everywhere.

Natika answered 15/9, 2018 at 15:53 Comment(3)

Thanks a lot! For me just removing the default security group also worked after clicking "modify" for my database. Would not have figured it out without you! – Jenette 30/6, 2022 at 21:26

This is the most unintuitive process - what's the "public" option for if it doesn't make it public??? Thank you!!! – Nationality 1/12, 2022 at 22:35

Thank you. I edited the answer to make sure when you create the Security Group, that you ALSO select the SAME VPC as the db. – Predicate 19/10, 2023 at 15:27

I had to add/edit a rule to the VPC to allow connections from All sources.

Steps:

Go to DB > Connectivity & security > click on VPC(vpc-
Under Security > Security Groups > open sg-[something] for which VPC ID matches the DB VPC
Inbound Rules > Edit Rules > Change Source to anywhere

So it seems that even when creating the DB and selecting allow public access, it only includes the traffic from withing the VPC. By doing the above steps you can allow access to all sources.

Neve answered 21/1, 2020 at 12:49 Comment(1)

fyi: you cannot change the source if it is used by a VPC. so you can first delete the inbound rule, and create new one with specified options above. – Case 26/10, 2022 at 7:33

I just followed the guide: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html

Run through the typical things:

Make sure the Database is Public! Check in the AWS Website Console, if its Private make it public.
Check you have the Firewall port open for the software and the port you're trying to connect through.
When you create a dB in RDS a Security Group is created automatically with the Rule All, All:

You can add a rule for TCP Port 5432, like I have above.
Check Username/Password - sometimes incorrect ones get cached.
Try to ping the dB to see if its a internet connection problem.

Booker answered 22/9, 2019 at 8:35 Comment(2)

Can you please point out how to check if the Database is Public ... Thanks – Masseuse 5/4, 2022 at 15:25

@VivekPuurkayastha in AWS if the RDS DB isn't in a VPC it will be publicly accessible if you override the default Network Security Group (NSG). If you create an RDS in a VPC, typically you will put it in a Private subnet (with a NSG to the public subnet allowing the DB Port) and this way the DB won't be reachable, only things in the Public subnet like web servers are public accessiblbe, (unless you have a jump box). The difference between private and public subnets in a VPC is public ones are connected to an Internet Gateway and have route rule allowing WWW, 0.0.0.0. – Booker 20/10, 2023 at 6:4

Select DB -> Modify -> Connectivity-> Save

Duenna answered 18/6, 2022 at 14:46 Comment(0)

In my case, I did not set up internet gate. Check your db's route table in VPC. And, add internet gateway

Donahue answered 8/2 at 8:45 Comment(1)

This is what was happening for me as well. This guide shows you how to edit the routing in detail: medium.com/overlander/… – Bryantbryanty 19/2 at 19:10

I faced the same issue and it end up because of the VPN am using, when i disconnected the VPN i apply to connect.

Bondy answered 6/5, 2022 at 12:1 Comment(0)

Recommended topics

Hot tags