Tuesday, May 20, 2014

Quirks in making an already running RDS instance "internet accessible"

If you have already running RDS instance within VPC and you have a new requirement to allow access to the RDS instance from an EC2 instance running outside the VPC, then you would have to jump through the below hoops to make the instance "publicly accessible'.


  • First you would need to take a DB snapshot of the running RDS instance.
  • Next restore the DB from snapshot and give a new instance identifier. Make sure the "publicly accessible" radio button is checked

  •  Once the DB instance has been spun up, you will next need to "modify" the instance and add it to the appropriate DB security group. DB restore from snapshot will by default add the instance to the "default" security group
  •  After you have modified the security group of the newly spun up instance, you will have to modify your old RDS instance and give it a new name. 
  • Next you will have to modify your new instance and assign the old name (the one that your original running instance had) to the new instance. Make sure to check the small check box in the RDS screen to "Apply immediately".

No comments:

Post a Comment