Allowlisting dedicated server IP on Amazon RDS


This article describes the process you'll need to follow in order to allowlist (whitelist) the IP address of your NordLayer private gateway on the Amazon RDS platform. This will allow you to restrict access to a specific database instance(s) to users connected to your dedicated server only.

Ensuring your IP addresses and endpoints are set up correctly will give you far more peace of mind about your layers of security. 

 

Configuring a rule in Amazon RDS platform

By following these instructions, you will open firewall ports for your AWS EC2 instances.

Note: when creating your RDS instance, make sure you choose to make it publicly accessible (it’s an option that pops up to you when creating the database).

 

1.  Choose your RDS database from the list of instances

rds database step 1

2. Under the Details section, locate Security groups entry and click on the active security group link. This will take you to the security group that you need to create an allowlist at.

 

rds database step 2

 

3. Make sure that the security group that belongs to your RDS database is selected/highlighted. If you are not sure which one it is, you can match them by the VPC ID (in this case it’s the one ending in0bc0) or the GROUP IP (ending in6cbf)

4. Click on Inbound at the bottom (you can also right-click the highlighted item and click Edit inbound rules). Then press on Edit

 

rds database step 4

5. Now you will need to select the port to allowlist. If you are using the default MySQL port then select the MYSQL/Aurora option. If you are using a custom port for your database, then under the Type drop-down select Custom TCP Rule and type the port number in the Port Range field.

6. Under the Source, please enter the IP address of your NordLayer dedicated server. Since this is not a range, but a singular IP, please append /32 to the end of the NordLayer dedicated server IP. Afterwards, simply hit Save.

rds database step 6

 

Verify You Can Connect

By utilizing Telnet, you can check for open ports. You can execute the following command to check whether it is possible to connect to the database instance after allowlisting the IP of your NordLayer dedicated server:

telnet hostname_or_endpoint_or_database_ip port

A successful connection to port 3306

In the screenshot above, seeing the 'Connected….' means that you can successfully connect to the RDS instance. If you only see the 'Trying ….' line then you are still unable to access the instance.

 

If you are still unable to connect

  • Repeat the steps and make sure you followed all instructions
  • Make sure that your RDS instance is set to Publicly Accessible
  • Verify you are trying to connect from the same IP address that you allowlisted

 

And that's all! You've now successfully created your first IP allowlist in Amazon RDS.

Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.


Return to top