In this tutorial, you'll learn how to connect to a private RDS MySQL DB instance in a private subnet (VPC) using an EC2 instance as jump/bastion host with DBeaver/SSH Tunnel configuration from a local host.
Video Transcript:
Hi guys, this is Abhi from Gokcedb. In this video, you're going to learn how to connect to a private RDS database using an EC2 jump host in AWS. Let's start by navigating to the RDS service and then clicking on databases.
Hit create database then choose Standard create. For the engine, I'm going to select MySQL and for the template choose free tier. Give your DB instance a name. Choose a master username and password then select the allocated storage.
Ensure that the public access option is set to no then choose an Availability Zone. Hit create database then click on your DB identifier and ensure that your status is created. Let's navigate to the EC2 service then click on instances.
Click on launch instance then give your instance a name. Select an AMI, choose an instance type then select a key pair. Click on edit in network settings and choose a subnet in the same Availability Zone as your RDS instance to avoid data charges.
I'm going to leave the default settings for the security group which allows SSH from anywhere then hit launch instance. Let's copy the public IPv4 address of our jump host and then navigate to the DBeaver software. Click on the connect button then choose MySQL and hit next.
Navigate to the SSH tab and click on use SSH tunnel. Paste the copied IP address then enter ec2-user for username. For the authentication method, choose a public key and for the private key, select your pem file.
Click on test tunnel configuration then click yes to add this host to the known hosts file and you should see the connected message. Now, let's go back to the RDS window and grab the database endpoint. Navigate to the Main tab and paste the database endpoint in the server host text box.
Enter the master username and password then go back to the RDS window and scroll down to the EC2 connected resources section. Click on set up EC2 connection then select the EC2 instance that we created earlier and hit continue. Review that the rds-ec2-6 security group will be added to the database and the ec2-rds-6 security group will be added to the EC2 instance then hit confirm.
Let's go inside our database and confirm that we see a new EC2 connection in the EC2 connected resources section. Looks like it did not work. Let's go back to the EC2 dashboard and confirm whether the ec2-rds-6 security group was added to our instance or not.
Looks like it was, which means that the rds-ec2-6 security group was not added to our database. I'm guessing that's because our RDS instance is still in the backing-up status. I'm going to wait until the database status changes to available and then add the security group manually.
Click on modify then scroll down to the connectivity section. Select the rds-ec2-6 security group then hit continue. Choose to apply immediately then hit modify.
Go inside your database then confirm that you see the rds-ec2-6 security group in the security section. Navigate back to DBeaver and hit test connection and you should see the connected message.
Now you should be able to execute queries in your new database from your local machine through an EC2 jump host. There you have it. Make sure you like, subscribe, and turn on the notification bell.
Until next time.
14 Oct 2024
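An added example, not part of the video: the walkthrough leaves the jump host's security group allowing SSH from anywhere and relies on a pair of security groups for the path from the instance to the database. This Python check reads data in the shape of `aws ec2 describe-security-groups` output and reports both conditions; the group IDs, group names and sample rules are constructed placeholders.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and names are placeholders, not values taken from the video.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "launch-wizard-1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
         "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "ec2-rds-6", "IpPermissions": []},
    {"GroupId": "sg-0ccc", "GroupName": "rds-ec2-6", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [], "Ipv6Ranges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0bbb"}]}]},
]}

def covers(perm, port):
    """True if the ingress rule applies to the given TCP port."""
    if perm.get("IpProtocol") == "-1":   # all protocols, all ports
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def world_open(perm):
    """CIDRs in the rule that match every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def audit(doc, bastion_sg, db_sg, db_client_sg, db_port=3306):
    """Return findings for the jump-host SSH rule and the database ingress path."""
    groups = {g["GroupId"]: g for g in doc["SecurityGroups"]}
    findings = []
    for perm in groups[bastion_sg]["IpPermissions"]:
        if covers(perm, 22):
            for cidr in world_open(perm):
                findings.append(f"{bastion_sg}: SSH open to {cidr}; restrict to your own IP")
    allowed = False
    for perm in groups[db_sg]["IpPermissions"]:
        if not covers(perm, db_port):
            continue
        for cidr in world_open(perm):
            findings.append(f"{db_sg}: port {db_port} open to {cidr}")
        if any(p.get("GroupId") == db_client_sg for p in perm.get("UserIdGroupPairs", [])):
            allowed = True
    if not allowed:
        findings.append(f"{db_sg}: no rule admits {db_client_sg} on port {db_port}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE, "sg-0aaa", "sg-0ccc", "sg-0bbb")))
```

On the constructed sample it reports only the world-open SSH rule; a database group missing the reference to the instance's group, which is the state the video hits before the manual fix, produces the "no rule admits" finding.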