My EC2 Instance Connect Endpoint restricts the use of ports other than TCP 22 and 3389. How can I still connect to RDS?

This is Oniumi (@fat47) from the Service Reliability Group (SRG) of the Technology Headquarters.
SRG (Service Reliability Group) is a group that mainly provides cross-sectional support for the infrastructure of our media services, improving existing services, launching new ones, and contributing to OSS.
This article is one of the database-related materials that SRG's DB Working Group (DBWG) publishes for the entire company.
I hope this helps in some way.
 

EC2 Instance Connect Endpoint restricts use of ports other than SSH and RDP


The other day, after reading an article by Classmethod, I tried connecting to RDS using the EC2 Instance Connect Endpoint.
 
Today, June 28, 2023, this function was suddenly updated so that it can no longer be used with ports other than TCP 22 and TCP 3389.
When you try to connect, you will get the following error message:
 
I think AWS did not intend for anything to be connected.
 

Wouldn't it be better to just change the port used on the RDS side to 3389?


By the way, I remembered that the port used on the RDS (Aurora) side can be changed.
I thought that if I changed this, it might connect, so I did an experiment.
 
You can change it to port 3389 in the Aurora cluster settings.
 
Change the security group settings applied to Aurora and the VPC endpoint to port 3385.
 
Then create a tunnel to port 3389.
 
I was able to confirm that I could connect!
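The three steps above (move the Aurora listener to 3389, open the security groups, open the tunnel) can be wrapped in a small pre-flight script. The following is an added example, not code from the article or from AWS; it assumes the `aws ec2-instance-connect open-tunnel` subcommand of the AWS CLI, and the endpoint id, private IP and user name are constructed placeholders. The only logic it adds is the check that the remote port is one the endpoint will actually forward to, so the constraint is caught before the CLI rejects the connection.

```shell
#!/bin/sh
# Added example (not the article's own code): pre-flight check plus the tunnel
# command for reaching an Aurora cluster through an EC2 Instance Connect
# Endpoint (EICE). EICE forwards only to remote TCP 22 and 3389, which is why
# the article moves the Aurora listener to 3389. Endpoint id, IP address and
# user name below are constructed placeholders.

# Return 0 when the remote port is one EICE will forward to, 1 otherwise.
eice_port_allowed() {
    case "$1" in
        22|3389) return 0 ;;
        *)       return 1 ;;
    esac
}

# Print the aws CLI command that opens a local tunnel to the Aurora writer's
# private IP. Fails fast (exit 1, message on stderr) when the remote port is
# not 22/3389. Local port defaults to the remote port.
eice_tunnel_cmd() {
    endpoint_id=$1
    target_ip=$2
    remote_port=$3
    local_port=${4:-$3}
    if ! eice_port_allowed "$remote_port"; then
        echo "EICE forwards only to TCP 22 or 3389; got $remote_port" >&2
        return 1
    fi
    printf 'aws ec2-instance-connect open-tunnel --instance-connect-endpoint-id %s --private-ip-address %s --remote-port %s --local-port %s\n' \
        "$endpoint_id" "$target_ip" "$remote_port" "$local_port"
}

# Usage with placeholders: open the tunnel in the background, then point the
# MySQL client at localhost, where the tunnel listens. Only runs when invoked
# as "./eice_tunnel.sh run" so the functions can be sourced elsewhere.
if [ "${1:-}" = "run" ]; then
    cmd=$(eice_tunnel_cmd eice-0123456789EXAMPLE 10.0.1.23 3389 3389) || exit 1
    $cmd &
    tunnel_pid=$!
    mysql -h 127.0.0.1 -P 3389 -u admin -p
    kill "$tunnel_pid"
fi
```

For the tunnel to work, both the security group on the EICE and the one on the Aurora cluster must allow TCP 3389 (ideally only from the endpoint's security group, not a CIDR), and note that modifying the port of an existing RDS/Aurora instance triggers a reboot, so do it in a maintenance window. Connecting to `127.0.0.1` rather than the cluster DNS name also means the MySQL client's TLS hostname check will not match; verify the server certificate explicitly if you rely on TLS.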
 

Conclusion


I don't think I'll actually use it, but I tried it as an experiment.
I would be happy if they could update it to officially increase the number of available ports.
 
SRG is looking for people to work with us. If you're interested, please contact us here.