How to Connect to Aurora serverless MySQL instance over SSH

Question

I'm not able to find the Aurora MySql Db through an EC2 tunnel.

We have an Aurora serverless Db (MySql). The problem is that I don't know how connect to the db locally from my machine.

I tried to add the SSH options to mysqlstring builder like:

        MySqlConnectionStringBuilder _connectionBuilder = new MySqlConnectionStringBuilder()
        {
            UserID = "admin",
            Server = "RDS endpoint in Aws",
            Port = 3306,
            SshHostName = "Ip to the Ec2",
            SshUserName = "the ec2 user",
            SshPort = 22,
            SshKeyFile = @"filepath to local .pem file",
            Database = "db name",
            Password = "db-password"
        };

I tried to use both string builder and a sshclient like:

 using (var sshClient = new SshClient(_connectionBuilder.SshHostName, 22, _connectionBuilder.SshUserName, new PrivateKeyFile(_connectionBuilder.SshKeyFile)))
            {

                sshClient.Connect();
                // SQL QUERY HERE
                sshClient.Disconnect();
            }

The code works and connects when it is released to the lambda instance but not on my local machine.

Works if I open a CMD window and type:

ssh -N -L 3306:{aws Db endpoint}:3306 -i {path to .pem} {user}@{ip}

And changes server to localhost.

Answer 1

Probably your database is not accessable publicly.

PubliclyAccessible Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.

When creating a database make sure to set that it is publicly accessable and it is in a subnet which has an Internet gateway attached.

Also make sure that Security Groups for the database allow connections to your SSH ports (22) and DB tcp ports (3306).

EDIT

You CAN NOT access Aurora serverlles outside VPC:

You can't give an Aurora Serverless DB cluster a public IP address. You can access an Aurora Serverless DB cluster only from within a virtual private cloud (VPC) based on the Amazon VPC service.