Wednesday, March 14, 2018

An Easy Mistake When Setting Up an AWS Security Group

Symptom:

When we set up our WordPress test environment in AWS, we followed the instructions: RDS and EC2 were placed in the same security group and VPC, and the SSH and HTTP ports were open. Both services were up and running, but PHP could not connect to the database. The error was:

Error establishing a database connection

This either means that the username and password information in your wp-config.php file is incorrect or we can’t contact the database server at xd1rcv07eugoakc.c6kx8udnwhvn.us-east-1.rds.amazonaws.com. This could mean your host’s database server is down.

Diagnostic:

Check the RDS MySQL logs and status to make sure the database is up and running.
Check the httpd logs and status to make sure the web server is up and running.
Use nc from the EC2 instance to test MySQL port 3306 on the RDS endpoint and see whether it is open.
Result: the port is not open.
Check the inbound rules of the security group.
-> The "All traffic" inbound rule was removed accidentally when we configured the SSH port.
By default, services in the security group accept all traffic from within the same security group, and that inbound rule is what allows it.

Solution:

Add the "All traffic" inbound rule back to the security group, i.e.:

Type: All traffic    Protocol: ALL    Port range: ALL    Source: sg-ag41e528 (default)
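
An added example (not from the original post): a Python check over the JSON that `aws ec2 describe-security-groups` returns, reporting whether a group still has an inbound rule admitting its own members on port 3306. The sample JSON and the function names are constructed for illustration, and the check goes slightly beyond the case above by also accepting a narrower self-referencing TCP rule that covers 3306, not only "All traffic".

```python
import copy
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output:
# the broken state above, where only the SSH and HTTP rules remain.
BROKEN = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-ag41e528", "GroupName": "default",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}
  ]}]}
""")

# Constructed copy of the self-referencing "All traffic" rule from the Solution.
SELF_RULE = {"IpProtocol": "-1", "IpRanges": [],
             "UserIdGroupPairs": [{"GroupId": "sg-ag41e528"}]}

def rule_covers_port(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if rule["IpProtocol"] == "-1":      # "-1" means all protocols and ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def allows_from_own_group(group, port=3306):
    """True if some inbound rule lets members of this group reach `port`."""
    for rule in group.get("IpPermissions", []):
        sources = {p.get("GroupId") for p in rule.get("UserIdGroupPairs", [])}
        if group["GroupId"] in sources and rule_covers_port(rule, port):
            return True
    return False

def audit(describe_output, port=3306):
    """Map each group id to whether intra-group traffic on `port` is allowed."""
    return {g["GroupId"]: allows_from_own_group(g, port)
            for g in describe_output["SecurityGroups"]}

if __name__ == "__main__":
    print("before fix:", audit(BROKEN))
    fixed = copy.deepcopy(BROKEN)
    fixed["SecurityGroups"][0]["IpPermissions"].append(SELF_RULE)
    print("after fix: ", audit(fixed))
```

Against a real account, feed it the parsed output of `aws ec2 describe-security-groups --group-ids <your-group-id>` instead of the constructed sample.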
