amazon web services - adding a security group to another rds instance does not appear to work - Stack Overflow

I have two RDS instances in the same VPC and the same availability zone, and both have public accessibility enabled.

  1. Aurora PostgreSQL with a security group of group-1
  2. RDS PostgreSQL with a security group of group-2

Adding group-2 to the group-1 incoming traffic as TCP/5432 does not appear to open that port on group-1, since the connection from group-2 times out via foreign data wrappers.

If I add the IP address of my RDS instance to group-1, the connection works, so it has to be related to the security group somehow.

I also created an EC2 instance where I installed PostgreSQL in a Docker container using the same group-2 security group, and this one connects just fine to the Aurora PostgreSQL.

Any ideas what I could be doing wrong?

asked Jan 2 at 13:01 by Paul

1 Answer

I think it's because you have public accessibility enabled. That gives the RDS instances public IP addresses, so when one server tries to connect to the other one, it is trying to connect to the public IP address, which causes the network connection to leave the VPC and come back in. Security group ID references in security group rules only work when the traffic is between private IP addresses.
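
The matching behaviour described in the answer can be modelled offline. This is an added example, not part of the original answer: the rules are shaped like the `IpPermissions` list that boto3's `describe_security_groups` returns, and the group ID `sg-group2`, the addresses, and the helper names are constructed for illustration.

```python
import ipaddress

# Constructed sample: group-1 ingress allowing TCP/5432 from group-2 by reference.
GROUP1_INGRESS = [
    {
        "IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
        "IpRanges": [],
        "UserIdGroupPairs": [{"GroupId": "sg-group2"}],  # placeholder ID
    }
]

# Private IPs of the network interfaces attached to each group (constructed).
ENI_PRIVATE_IPS = {"sg-group2": {"10.0.1.25"}}


def matching_source(ip_permissions, src_ip, port, eni_private_ips, protocol="tcp"):
    """Return the rule source (group ID or CIDR) that admits src_ip, else None.

    A group reference admits traffic only from the private IPs of interfaces
    in that group, so a packet that arrives from a public IP can only be
    admitted by a CIDR rule.
    """
    addr = ipaddress.ip_address(src_ip)
    for perm in ip_permissions:
        if perm["IpProtocol"] not in (protocol, "-1"):
            continue
        if perm["IpProtocol"] != "-1" and not perm["FromPort"] <= port <= perm["ToPort"]:
            continue
        for pair in perm.get("UserIdGroupPairs", []):
            if str(addr) in eni_private_ips.get(pair["GroupId"], set()):
                return pair["GroupId"]
        for rng in perm.get("IpRanges", []):
            if addr in ipaddress.ip_network(rng["CidrIp"]):
                return rng["CidrIp"]
    return None


def with_cidr_rule(ip_permissions, cidr, port):
    """Copy of the rules plus one CIDR ingress rule (the asker's workaround)."""
    extra = {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
             "IpRanges": [{"CidrIp": cidr}], "UserIdGroupPairs": []}
    return ip_permissions + [extra]


if __name__ == "__main__":
    private_src, public_src = "10.0.1.25", "203.0.113.10"  # constructed addresses
    print(matching_source(GROUP1_INGRESS, private_src, 5432, ENI_PRIVATE_IPS))
    print(matching_source(GROUP1_INGRESS, public_src, 5432, ENI_PRIVATE_IPS))
    patched = with_cidr_rule(GROUP1_INGRESS, "203.0.113.10/32", 5432)
    print(matching_source(patched, public_src, 5432, ENI_PRIVATE_IPS))
```

The same source instance is admitted when its traffic arrives from its private address and dropped when it arrives from its public one, which matches the timeout in the question and the success once the IP address was added as its own rule.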
