Connecting to an AWS RDS instance through a bastion host is a secure and efficient way to manage a database that lives inside a VPC. This guide walks you through the steps required to set up your VPC, RDS, and EC2 instances, and how to establish a connection from a local client.
VPC Setup
A VPC enables you to build secure and efficient architectures by segmenting your resources and applying strict access controls. VPCs let you deploy web applications and databases in a secure and scalable manner on top of AWS's infrastructure.
Steps
Create Private Subnets
Without Internet Gateway: Ensure that your private subnets do not have any Internet Gateway (IG) attached.
Remove IG or NAT: Remove any route to an Internet Gateway or NAT gateway from the route table associated with the private subnets.
Multiple Zones: Ensure that your private subnets are in different availability zones to meet security requirements.
Create a Subnet Group
Navigate to RDS Console: From the left side menu in the RDS console, create a subnet group.
Include Private Subnets: Add the private subnets created earlier into this subnet group.
Create a Public Subnet
Public Access: Ensure that this subnet's route table has a route to an Internet Gateway, so that the bastion host placed in it is reachable from the Internet.
RDS Setup
Make sure your RDS instance is inside the private subnets.
Move Instance to private subnet group
Private Subnet Group: When creating the RDS instance, choose the subnet group containing the private subnets.
If the instance's current subnet group contains both private and public subnets, move it to a subnet group that contains only the private subnets.
Configure Security Groups
RDS Security Group: Create or update the security group for your RDS instance.
Allow Inbound Access: Add an inbound rule that allows traffic on the database port from the EC2 instance's security group only; do not open the port to public CIDR ranges.
EC2 Setup
Create an EC2 Instance
Public Subnet: Launch your EC2 instance in the public subnet.
Elastic IP: Assign an elastic IP to the EC2 instance for consistent connectivity.
Configure Security Groups
Outbound Rule: Ensure the security group of the EC2 instance allows outbound traffic to the RDS security group.
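The steps above can be verified after the fact. The following is an added example, not part of the original guide: a Python posture check that reads the JSON shapes returned by aws ec2 describe-route-tables, aws ec2 describe-security-groups and aws rds describe-db-instances (trimmed to the fields it needs) and reports any deviation from the layout described here, that is, private DB subnets with no Internet Gateway or NAT route, a subnet group spanning at least two Availability Zones, a non-public RDS instance, an RDS security group that admits only the bastion's security group on the database port, and a bastion subnet that does route to an Internet Gateway. All subnet, security-group and instance identifiers in it are constructed sample data, and the database port is assumed to be 5432.

```python
"""Posture check for a bastion -> private RDS layout (added example, not from the guide).
Input dicts mirror the AWS CLI / boto3 response shapes; all sample data is constructed."""

DB_PORT = 5432  # assumption: PostgreSQL; use 3306 for MySQL/MariaDB


def subnet_route_tables(route_tables):
    """Map SubnetId -> route list, from describe-route-tables output."""
    by_subnet = {}
    for rt in route_tables["RouteTables"]:
        for assoc in rt.get("Associations", []):
            if "SubnetId" in assoc:
                by_subnet[assoc["SubnetId"]] = rt["Routes"]
    return by_subnet


def has_internet_route(routes):
    """True if a default route points at an Internet Gateway or a NAT gateway."""
    for r in routes:
        if r.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if r.get("GatewayId", "").startswith("igw-") or r.get("NatGatewayId"):
            return True
    return False


def check_layout(route_tables, security_groups, db_instances, bastion_subnet, bastion_sg):
    """Return a list of findings; an empty list means the layout matches the guide."""
    findings = []
    routes = subnet_route_tables(route_tables)
    sgs = {g["GroupId"]: g for g in security_groups["SecurityGroups"]}

    # The bastion must sit in a public subnet (default route via an IGW).
    if not has_internet_route(routes.get(bastion_subnet, [])):
        findings.append(f"bastion subnet {bastion_subnet} has no Internet Gateway route")

    for db in db_instances["DBInstances"]:
        name = db["DBInstanceIdentifier"]
        if db.get("PubliclyAccessible"):
            findings.append(f"{name}: PubliclyAccessible is true")

        # Every subnet in the DB subnet group must be private, across >= 2 AZs.
        azs = set()
        for s in db["DBSubnetGroup"]["Subnets"]:
            sid = s["SubnetIdentifier"]
            azs.add(s["SubnetAvailabilityZone"]["Name"])
            if has_internet_route(routes.get(sid, [])):
                findings.append(f"{name}: subnet {sid} routes to an IGW/NAT")
        if len(azs) < 2:
            findings.append(f"{name}: subnet group spans only {len(azs)} AZ")

        # RDS security group: inbound on DB_PORT from the bastion SG only, no CIDR ranges.
        for ref in db["VpcSecurityGroups"]:
            sg = sgs.get(ref["VpcSecurityGroupId"])
            if sg is None:
                findings.append(f"{name}: unknown security group {ref['VpcSecurityGroupId']}")
                continue
            for perm in sg["IpPermissions"]:
                if perm.get("IpRanges"):
                    cidrs = [r["CidrIp"] for r in perm["IpRanges"]]
                    findings.append(f"{name}: {sg['GroupId']} allows CIDR ingress {cidrs}")
                for pair in perm.get("UserIdGroupPairs", []):
                    if pair["GroupId"] != bastion_sg:
                        findings.append(f"{name}: {sg['GroupId']} allows ingress from {pair['GroupId']}")
                if perm.get("FromPort") != DB_PORT or perm.get("ToPort") != DB_PORT:
                    findings.append(f"{name}: {sg['GroupId']} opens ports other than {DB_PORT}")
    return findings


# Constructed sample API output, trimmed to the fields the checks read.
ROUTE_TABLES = {"RouteTables": [
    {"Associations": [{"SubnetId": "subnet-pub1"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0000example"}]},
    {"Associations": [{"SubnetId": "subnet-priv1"}, {"SubnetId": "subnet-priv2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]}
SECURITY_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-bastion", "IpPermissions": []},
    {"GroupId": "sg-rds", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": DB_PORT, "ToPort": DB_PORT,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]}]},
]}


def db_instance(public, subnet_ids, azs):
    """Build a constructed describe-db-instances entry wired to sg-rds."""
    return {"DBInstanceIdentifier": "app-db", "PubliclyAccessible": public,
            "DBSubnetGroup": {"Subnets": [
                {"SubnetIdentifier": s, "SubnetAvailabilityZone": {"Name": a}}
                for s, a in zip(subnet_ids, azs)]},
            "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-rds"}]}


GOOD_DB = {"DBInstances": [db_instance(False, ["subnet-priv1", "subnet-priv2"], ["us-east-1a", "us-east-1b"])]}
BAD_DB = {"DBInstances": [db_instance(True, ["subnet-pub1", "subnet-priv1"], ["us-east-1a", "us-east-1a"])]}

if __name__ == "__main__":
    for label, data in (("good", GOOD_DB), ("bad", BAD_DB)):
        print(label, check_layout(ROUTE_TABLES, SECURITY_GROUPS, data, "subnet-pub1", "sg-bastion") or "OK")
```

Against real accounts, feed the script the unmodified output of the three describe commands; the checks only read the keys shown, so extra fields are ignored. The "bad" sample reproduces the three mistakes the guide warns about (a publicly accessible instance, a DB subnet with an Internet Gateway route, and a subnet group confined to one Availability Zone) and yields one finding for each.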