How to Fix AWS RDS Connection Timeout Error
In this tutorial, you'll learn about How to Fix AWS RDS Connection Timeout Error. We cover key concepts, practical examples, and best practices to help you understand and apply this topic effectively.
You try to connect to your RDS instance and get Connection timed out — network or security settings are blocking the connection.
Step-by-Step Fix
1. Check security group inbound rules
aws ec2 describe-security-groups --group-ids sg-12345678
Look for the database port (3306 for MySQL, 5432 for PostgreSQL):
{
"IpPermissions": [
{
"FromPort": 3306,
"ToPort": 3306,
"IpProtocol": "tcp",
"IpRanges": [{"CidrIp": "0.0.0.0/0"}]
}
]
}
2. Add inbound rule for the database port
aws ec2 authorize-security-group-ingress --group-id sg-12345678 --protocol tcp --port 3306 --cidr 0.0.0.0/0
3. Verify the instance is publicly accessible
aws rds describe-db-instances --db-instance-identifier mydb --query 'DBInstances[0].PubliclyAccessible'
If false, modify to make it publicly accessible:
aws rds modify-db-instance --db-instance-identifier mydb --publicly-accessible --apply-immediately
4. Test the connection
mysql -h mydb.123456789012.us-east-1.rds.amazonaws.com -u admin -p
Expected output:
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
5. Check the DB subnet group
aws rds describe-db-subnet-groups --db-subnet-group-name mydb-subnet-group
Ensure the subnets have routes to a NAT gateway or Internet Gateway.
Common Mistakes
| Mistake | Fix |
|---|---|
| Security group missing the DB port | Add inbound rule for the correct port |
| Database not publicly accessible | Enable PubliclyAccessible |
| Wrong endpoint or port | Check the endpoint in RDS console |
| Client IP not in CIDR range | Use MyIP in security group or specific CIDR |
| VPC has no Internet Gateway | Attach an IGW and update route tables |
Prevention
- Use AWS VPN or Direct Connect for production database access.
- Enable RDS Enhanced Monitoring for connection metrics.
- Use RDS Proxy for connection pooling.
- Store credentials in AWS Secrets Manager.
Common Mistakes with rds connection
- Mixing let bindings with <- bindings in do notation, producing type errors
- Overlapping type class instances that cause GHC to reject the program with ambiguous dispatch errors
- Non-exhaustive pattern matches that compile with warnings then crash at runtime
These mistakes appear frequently in real-world AWS code. DodaTech's contributors have identified these patterns through analysis of open-source projects and production systems.
Practice Exercise
Write a pure function that safely divides two integers using Maybe, then test it with edge cases like division by zero and negative numbers.
This exercise reinforces the concepts covered in this guide. Try implementing it before checking online solutions.
FAQ
Built by the developers of DodaTech
Doda Browser, DodaZIP & Durga Antivirus Pro