When you create a new amazon rds instance, you are offered to choose true/false for the "publicly accessible" option, Is there a way to change this for an existing instance?
9 Answers
EDIT: Yes, it is now possible to change the "Publicly Accessible" property from "No" to "Yes". (And vice-versa) Hooray!
Old answer left here for historic purposes: No.
It would be nice though, eh? As a workaround your best option is the following:
- Create a snapshot of your instance.
- Launch a new instance from this snapshot using the Publicly Accessible option.
Evidence:
- John G's diplomacy in this post prevents him from writing "No" as I did, but the his answer "You can create a snapshot of the current RDS database and launch it with the publicly accessible option." makes it pretty clear that he's offering the workaround because the direct solution is not available.
-
16right click on the instance and select 'modify' to find this option– SilasCommented Feb 10, 2018 at 17:43
-
2Warning: Aurora serverless does not currently support this, and you must connect to it from within the VPC. Commented Mar 29, 2020 at 17:00
-
1I don't see that right-click option as @Silas does, but I do see a 'Modify' button on the top right of the instance page. It can also be found going back to the Databases list, then selecting the instance, them clicking the 'Modify' button.– OfirDCommented Jul 29, 2020 at 19:13
-
1MySql supports 'modify' but it hides in 'connectivity -> additional configuration.'– JimCommented Nov 24, 2021 at 2:19
-
reference: aws.amazon.com/premiumsupport/knowledge-center/… Commented Jan 4, 2022 at 14:50
To find the "publicly accessible" setting, select the instance click "modify" and click on Additional Configuration. This will expand and you will see a "publicly accessible" option.
I stumbled across this looking for the same answer. Sadly it looks like 10 months later the answer is still "no" - you can't change an existing DB to be publicly available.
However - you can come close... Even though it isn't publicly available, it is available to EC2 instances you launch in that same VPC. And you can set up a SSH tunnel from your computer through an EC2 instance to that DB - effectively giving you access to the instance without having to relaunch it from a snapshot.
You didn't specify your computer's OS, so I'm conveniently going to assume linux...
First, launch an EC2 instance, give it access to your RDS instance via security groups, make sure you can log in to that EC2 instance, and make sure you can access the RDS DB from that EC2 instance. If any of that fails, the rest of this won't work.
Next, setup a tunnel:
ssh -v -N -L 1234:rds.endpoint:3306 [email protected]
Where rds.endpoint is the URL for your RDS instance, your.ec2.host is the host name for your EC2 instance, and yourec2username is your username on the EC2 host.
You can then connect to the RDS instance with
mysql -p -u dbuser -h 127.0.0.1 -P 1234 dbname --password=dbpassword
Hope that helps the next person that stumbles across this...
This is an old question but this maybe can help someone.
Is not need to delete and restore the database, just open the DB instance in the AWS console, click on Modify and look for Additional connectivity configuration, later there are only two options there Publicly accessible and Not publicly accessible. Select your option, wait a few seconds to the modification is applied to your instance and eureka, its done.
For more info check the official docs
It seems as AWS now allows to change the accessibility property. However the database seems to be modified and during this time eventually connectivity issues may occur.
I have not found any blog / news article about it. However in my account I am able to do it.
answered Nov 27, 2015 at 10:40
-
1I was able to modify an instance using the console. It took some time for the change to propagate, and the console showed the old setting until it finished.– daxlerodCommented Jan 4, 2016 at 16:19
For someone who struggled like me, to find it, the publicly accessible option is available under Connectivity > Additional Configuration
You could create a ssh tunnel in your VPC, or make a port forwarding with iptables but, the best and the simplest solution is create a read replica with the PubliclyAccessible flag in true and then promote the replica to master. I recommend always use a CNAME of the RDS endpoint, so you could change the CNAME in the DNS without touch your app.
Making a snapshot and restore it will add a unnecessary downtime in your app.
Look!
First find out which VPC are you in.
If you wish to make your RDS instance as public accessible, you have to enable VPC attributes in DNS host and resolution.
You can set this by using the parameter PubliclyAccessible which will resolve to public IP address.
This is from AWS documentation :
Amazon RDS supported two VPC platforms: EC2-VPC and EC2-Classic. The EC2-VPC platform has a default VPC where all new DB instances are created unless you specify otherwise. The EC2-Classic platform does not have a default VPC, but as with either platform, you can create your own VPC and specify that a DB instance be located in that VPC.
-
3The items you quote are true, of course. But they are not helpful for answering the question.– mdahlmanCommented Jul 17, 2014 at 3:31
As of now "PubliclyAccessible" variable is not available in the Cloudformation tool. So if you are deploying your RDS using CloudFormation template, you have no choice of changing this parameter. Its by default "No". But if you are using AWS console, you have choice of changing "Publicly Accessible" value to Yes from default No. I think AWS should update the cloudformation "AWS::RDS::DBInstance" function with this parameter.
Thanks.
Unable to connect to server: could not translate host name ***.rds.amazonaws.com to address: Unknown host