AWS EC2 Correct Inbound/Outbound Rules For Database

scott · May 5, 2024, 6:28pm

I had to delete my existing EC2 instance and start over because I was having issues with Traefik.

I remember having a lot of trouble getting Wappler Database Manager and MySQL Workbench to connect to the EC2 instance the last time and forgot to look at the inbound/outbound rules on the AWS website before removing the instance.

Would anyone be able to provide me with guidance on what the proper rules should be to allow both Wappler’s Database Manager and MySQL Workbench to connect?

Server: Nodejs
Database: MySQL
Elastic IP: In Use
MySQL Port: 9906

I created a new security group, associated it with the EC2 instance and currently have an inbound rule set for Custom TCP > 9906 > Custom IP > My IP.

Not sure what else is needed. @Teodor what are your thoughts?

Apple · May 5, 2024, 7:13pm

The safest way is to use SSH tunneling

scott · May 5, 2024, 8:26pm

Hi @Apple,

I am attempting to do that now without success.

I created a new Key Pair:

Details from the EC2 Instance:

MySQL Workbench:

Screenshot 2024-05-05 at 3.19.49 PM
Screenshot 2024-05-05 at 3.21.35 PM

I then tried the Public IPv4 DNS instead of the Public IPv4 address and got the same error.

I then tried both the Public IPv4 DNS and the Public IPv4 address with the private key listed in Wappler and received the same error.

Having tried all those combinations, I am at a loss…

scott · May 5, 2024, 8:41pm

As a side note, the settings created by Wappler when the EC2 instance was created from the Docker Remote > Manage are not connecting to the database.

The EC2 instance is up and running without errors.

Screenshot 2024-05-05 at 3.39.43 PM

Apple · May 5, 2024, 8:45pm

Please verify if the new key pair is present inside your server at location ~/.ssh/authorized_keys

Sometimes such key pairs are only used for new deployments, not applied on existing servers

scott · May 5, 2024, 11:01pm

In the AWS EC2 website, I found this under Network & Security > Key Pairs:

Screenshot 2024-05-05 at 5.48.04 PM

Screenshot 2024-05-05 at 5.48.18 PM

I found this under the EC2 Instance >

Screenshot 2024-05-05 at 5.48.51 PM

Screenshot 2024-05-05 at 5.49.09 PM

I found the Wappler Public and Private key pair on my local machine in ~/.docker/machine/machines/EC2.

I could not find a .ssh folder locally in the ~/.docker folder or any of the subfolders. If I am understanding correctly, I need to create a .ssh folder on the machine, however, I am not certain about that since the key pairs are listed on the AWS website. My question is if I need to create it, where do I create it? Since Wappler created a public and private key pair, I feel I should use that.

I am not familiar with using Terminal and in the past, I mostly have used php on shared servers and have not had to do things like this.

When I look at https://codingfundas.com/ssh-to-aws-servers-using-an-ssh-config-file/index.html, it talks about a .pem file. When I look inside ~/.docker/machine/machines/EC2, I see multiple .pem files:

Screenshot 2024-05-05 at 5.59.23 PM

Apple · May 5, 2024, 11:08pm

Make Wappler-Workbench key pair assigned at launch using AWS control panel. And then reboot the server

I’m not familiar with AWS, my assistance may be limited