aws rds proxy throws timeout error from nodejs12.x

妖精的绣舞 submitted on 2021-01-03 06:53:07

Question


I'm getting a connection timeout when I try to connect to a MySQL RDS proxy. I followed this tutorial

This is my code

import mysql2 from 'mysql2';
import AWS from 'aws-sdk';
const getConnection = async () => {
    const signer = new AWS.RDS.Signer({
        username: 'my-user-name',
        hostname: 'proxy-name.proxy-someid.us-east-1.rds.amazonaws.com',
        port: 3306
    });

    console.info('Connecting to MySQL proxy via IAM authentication');

    const rdsSignerAuth = () => () => {
        console.info('CALL rdsSignerAuth');
        return signer.getAuthToken({
            username: 'my-user-name',
            region: 'us-east-1',
            hostname: 'proxy-name.proxy-someid.us-east-1.rds.amazonaws.com',
            port: 3306
        });
    };

    let connection;
    try {
        connection = await mysql2.createConnection({
            host: 'proxy-name.proxy-someid.us-east-1.rds.amazonaws.com',
            user: 'my-user-name',
            database: 'database-name',
            connectTimeout: 60000,
            ssl: { rejectUnauthorized: false },
            authPlugins: { mysql_clear_password: rdsSignerAuth },
        });
        console.info('Connected');
    }
    catch (e) {
        console.error(`MySQL connection error: ${e}`);
        throw e;
    }
    return connection;
};
const mysql2Impl = async () => {
    const connection = await getConnection();
    //console.info({ type: 'connection', connection });
    const result = await connection.promise().query('select * from destiny;');
    console.info({ type: 'result', result });
};
export async function testRdsProxy(event, context){
    console.info(JSON.stringify({ event, context }));
    await mysql2Impl();
    return 200;
}

And this is the response

Error {
    code: 'ETIMEDOUT',
    errno: undefined,
    message: 'connect ETIMEDOUT',
    sqlState: undefined,
  }

I already checked that my Lambda function has a policy "rds-db:connect" to "*" resource. Besides, I checked that my proxy is in the same VPC and subnet as my RDS DB. The secret that holds the credentials to RDS is OK. What am I doing wrong?


Answer 1:


The doc states that the RDS proxy cannot be accessed publicly, so your Lambda function needs to be in the same security group as the RDS proxy. Please be aware that when you put your Lambda into a VPC, it may lose its ability to access the internet. Thank you.
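
A plain TCP probe run from inside the Lambda separates a blocked network path (VPC, subnets, security groups, the concern in Answer 1) from failures higher up such as IAM authentication. This is an added example, not part of the original question or answers; `classifyConnectError`, `probeTcp` and `demo` are hypothetical helper names, and the error objects in the demo are constructed.

```javascript
// Added example, not from the original post. Error objects in the demo are constructed.

// Map the `code` of a Node.js / mysql2 connection error to the layer to inspect first.
function classifyConnectError(err) {
    switch (err && err.code) {
        case 'ETIMEDOUT':
        case 'EHOSTUNREACH':
        case 'ENETUNREACH':
            return { layer: 'network', hint: 'check VPC attachment, subnets, routes and security group rules' };
        case 'ENOTFOUND':
        case 'EAI_AGAIN':
            return { layer: 'dns', hint: 'proxy endpoint name does not resolve from this network' };
        case 'ECONNREFUSED':
            return { layer: 'listener', hint: 'host reachable, nothing accepting on that port' };
        case 'ER_ACCESS_DENIED_ERROR':
            return { layer: 'auth', hint: 'check IAM token, rds-db:connect policy and DB user' };
        default:
            return { layer: 'unknown', hint: 'inspect the full error' };
    }
}

// Open a bare TCP connection (no TLS, no MySQL handshake, no credentials sent).
async function probeTcp(host, port = 3306, timeoutMs = 3000) {
    const net = await import('node:net'); // dynamic import works in CommonJS and ES modules
    return new Promise((resolve) => {
        const socket = net.connect({ host, port });
        const finish = (err) => {
            socket.destroy();
            resolve(err ? classifyConnectError(err) : { layer: 'ok', hint: 'TCP path is open; look above TCP' });
        };
        socket.setTimeout(timeoutMs, () => finish({ code: 'ETIMEDOUT' }));
        socket.once('connect', () => finish(null));
        socket.once('error', finish);
    });
}

// Offline demo over constructed errors shaped like the one in the question.
function demo() {
    return ['ETIMEDOUT', 'ECONNREFUSED', 'ER_ACCESS_DENIED_ERROR']
        .map((code) => `${code} -> ${classifyConnectError({ code }).layer}`);
}
console.log(demo().join('\n'));
```

Calling `await probeTcp(host)` with the proxy endpoint at the start of the handler, before the mysql2 call, shows whether the timeout occurs below or above the MySQL handshake.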




Answer 2:


  • If you pass IAM certification
    check that the user-name (MySQL user) has execute [INVOKE LAMBDA] permission

  • If IAM authentication fails
    you should let the proxy setup wizard automatically create an IAM like below
    Connectivity > IAM role > Create IAM role
                         > IAM authentication > Required




Answer 3:


You can connect to the RDS proxy even from outside the VPC by doing VPC peering from the same or a different account. I did it for one of the projects.



Source: https://stackoverflow.com/questions/61278414/aws-rds-proxy-throws-timeout-error-from-nodejs12-x
