Skip to content

How to Fix AWS RDS Connection Timeout Error

DodaTech Updated 2026-06-24 2 min read

In this tutorial, you'll learn about How to Fix AWS RDS Connection Timeout Error. We cover key concepts, practical examples, and best practices to help you understand and apply this topic effectively.

You try to connect to your RDS instance and get Connection timed out — network or security settings are blocking the connection.

Step-by-Step Fix

1. Check security group inbound rules

aws ec2 describe-security-groups --group-ids sg-12345678

Look for the database port (3306 for MySQL, 5432 for PostgreSQL):

{
    "IpPermissions": [
        {
            "FromPort": 3306,
            "ToPort": 3306,
            "IpProtocol": "tcp",
            "IpRanges": [{"CidrIp": "0.0.0.0/0"}]
        }
    ]
}

2. Add inbound rule for the database port

aws ec2 authorize-security-group-ingress --group-id sg-12345678 --protocol tcp --port 3306 --cidr 0.0.0.0/0

3. Verify the instance is publicly accessible

aws rds describe-db-instances --db-instance-identifier mydb --query 'DBInstances[0].PubliclyAccessible'

If false, modify to make it publicly accessible:

aws rds modify-db-instance --db-instance-identifier mydb --publicly-accessible --apply-immediately

4. Test the connection

mysql -h mydb.123456789012.us-east-1.rds.amazonaws.com -u admin -p

Expected output:

Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.

5. Check the DB subnet group

aws rds describe-db-subnet-groups --db-subnet-group-name mydb-subnet-group

Ensure the subnets have routes to a NAT gateway or Internet Gateway.

Common Mistakes

Mistake Fix
Security group missing the DB port Add inbound rule for the correct port
Database not publicly accessible Enable PubliclyAccessible
Wrong endpoint or port Check the endpoint in RDS console
Client IP not in CIDR range Use MyIP in security group or specific CIDR
VPC has no Internet Gateway Attach an IGW and update route tables

Prevention

  • Use AWS VPN or Direct Connect for production database access.
  • Enable RDS Enhanced Monitoring for connection metrics.
  • Use RDS Proxy for connection pooling.
  • Store credentials in AWS Secrets Manager.

Common Mistakes with rds connection

  1. Mixing let bindings with <- bindings in do notation, producing type errors
  2. Overlapping type class instances that cause GHC to reject the program with ambiguous dispatch errors
  3. Non-exhaustive pattern matches that compile with warnings then crash at runtime

These mistakes appear frequently in real-world AWS code. DodaTech's contributors have identified these patterns through analysis of open-source projects and production systems.

Practice Exercise

Write a pure function that safely divides two integers using Maybe, then test it with edge cases like division by zero and negative numbers.

This exercise reinforces the concepts covered in this guide. Try implementing it before checking online solutions.

FAQ

How do I connect to RDS from an EC2 instance in the same VPC?

Use the RDS endpoint and ensure the EC2 security group allows outbound traffic to the RDS security group on the database port. |||Why can I connect locally but not from Lambda? Lambda functions in a VPC need a VPC endpoint (for DynamoDB, S3) or a NAT gateway to reach RDS outside the VPC. |||What is the default RDS port for PostgreSQL? The default port for PostgreSQL is 5432. For MySQL it is 3306, for MariaDB 3306, and for SQL Server it is 1433.

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro