允许从 ECS 连接到现有的 RDS 数据库?
Allow connections from ECS to an existing RDS database?
我目前正在尝试识别一个现有的 MySQL 实例,我想让我的 ECS 部署能够连接到它。
目前的进展如下:
const rdsPrimaryDatabase = rds.DatabaseInstance.fromDatabaseInstanceAttributes(this, 'ApplicationReadWrite', {
instanceEndpointAddress: "application_database_ewqqqrqw.eu-west-1.rds.amazonaws.com", port: 3305, securityGroups: [],
instanceIdentifier: 'application_database'
});
const securityGroup = new ec2.SecurityGroup(this, 'ApplicationEcsSecurityGroup', {
vpc: vpc,
allowAllOutbound: true,
securityGroupName: 'ApplicationEcsSecurityGroup',
})
securityGroup.connections.allowTo(rdsPrimaryDatabase, 3306, 'Primary Database')
以上内容当前导致以下错误,与最后一行相关:
Argument of type 'IDatabaseInstance' is not assignable to parameter of type 'IConnectable'.
The types of 'connections.defaultPort' are incompatible between these types.
这个错误是可以理解的,但我不确定如何克服这个问题 - 而且我不太确定我的做法是否正确。
感谢任何帮助。
尝试导入数据库实例的安全组,而不是导入数据库实例。
ISecurityGroup databaseSecurityGroup SecurityGroup.FromSecurityGroupId(scope, "ImportedDatabaseSecurityGroup", securityGroupId, new SecurityGroupImportOptions());
var fargateServiceSecurityGroup = new SecurityGroup(this, "FargateServiceSecurityGroup", new SecurityGroupProps());
databaseSecurityGroup.Connections.AllowFrom(fargateServiceSecurityGroup, Port.AllTcp(), "Allow from fargate security group");
我目前正在尝试识别一个现有的 MySQL 实例,我想让我的 ECS 部署能够连接到它。
目前的进展如下:
const rdsPrimaryDatabase = rds.DatabaseInstance.fromDatabaseInstanceAttributes(this, 'ApplicationReadWrite', {
instanceEndpointAddress: "application_database_ewqqqrqw.eu-west-1.rds.amazonaws.com", port: 3305, securityGroups: [],
instanceIdentifier: 'application_database'
});
const securityGroup = new ec2.SecurityGroup(this, 'ApplicationEcsSecurityGroup', {
vpc: vpc,
allowAllOutbound: true,
securityGroupName: 'ApplicationEcsSecurityGroup',
})
securityGroup.connections.allowTo(rdsPrimaryDatabase, 3306, 'Primary Database')
以上内容当前导致以下错误,与最后一行相关:
Argument of type 'IDatabaseInstance' is not assignable to parameter of type 'IConnectable'.
The types of 'connections.defaultPort' are incompatible between these types.
这个错误是可以理解的,但我不确定如何克服这个问题 - 而且我不太确定我的做法是否正确。
感谢任何帮助。
尝试导入数据库实例的安全组,而不是导入数据库实例。
ISecurityGroup databaseSecurityGroup SecurityGroup.FromSecurityGroupId(scope, "ImportedDatabaseSecurityGroup", securityGroupId, new SecurityGroupImportOptions());
var fargateServiceSecurityGroup = new SecurityGroup(this, "FargateServiceSecurityGroup", new SecurityGroupProps());
databaseSecurityGroup.Connections.AllowFrom(fargateServiceSecurityGroup, Port.AllTcp(), "Allow from fargate security group");