Re: SSL connection getting rejected on AWS RDS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Hannah,
Thank you very much!! this is really helpful. Do we need to pass 'sslrootcert" as mentioned in the doc below? I see that you have not used it in  your command. 

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.Connecting.AWSCLI.PostgreSQL.html

Also do we have to grant the role below to the user?

grant rds_iam to app_user;


If you have any document/Steps to set this up from scratch,could you please forward? That would be really helpful.

Regards,
Aditya.


On Wed, Sep 30, 2020 at 4:47 PM Hannah Huang <hannah.huang.y@xxxxxxxxx> wrote:


On 30 Sep 2020, at 5:19 pm, aditya desai <admad123@xxxxxxxxx> wrote:

Hi,
We have AWS RDS and we are trying to connect to DB remotely from EC2 instance.as client connection using psql. We are trying to set up IAM roles. We did all the necessary settings but got below error. Could you please advise?

Password for user lmp_cloud_dev:

psql: FATAL:  PAM authentication failed for user "testuser"

FATAL:  pg_hba.conf rejects connection for host "192.168.1.xxx", user "testuser", database "testdb", SSL off


Regards,

Aditya.



Hi Aditya,

See the below example of me connecting to RDS from an EC2 instance:

You need to change the $RDSHOST value
you need to replace my “app_user” to your “testuser” and database “postgres” to your “testdb”

[ec2-user@ip-172-31-13-121 ~]$ export RDSHOST="mypg.cfvvs1nh3f7i.ap-southeast-2.rds.amazonaws.com"

[ec2-user@ip-172-31-13-121 ~]$ export PGPASSWORD="$(aws rds generate-db-auth-token \
--hostname $RDSHOST \
--port 5432 \
--username app_user)”

[ec2-user@ip-172-31-13-121 ~]$ psql "host=$RDSHOST port=5432 sslmode=require dbname=postgres user= app_user"

psql (11.5, server 12.3)
WARNING: psql major version 11, server major version 12.
Some psql features might not work.
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
postgres=>

Thanks,
Hannah

[Postgresql General]     [Postgresql PHP]     [PHP Users]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Yosemite]

  Powered by Linux