postgresql How to create a publicly accessible Postgres database with AWS CloudFormation

bcs8qyzn  posted on 2023-02-04  in PostgreSQL
Followers (0) | Answers (1) | Views (138)

For testing purposes I need to create a Postgres database that is publicly accessible and reachable from anywhere. My current CloudFormation looks like this:

---
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true

  InternetGateway:
    Type: AWS::EC2::InternetGateway

  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.1.0/24
      MapPublicIpOnLaunch: true
      AvailabilityZone: eu-central-1a

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.2.0/24
      MapPublicIpOnLaunch: true
      AvailabilityZone: eu-central-1b

  DBSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: Subnets for RDS database
      SubnetIds:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2

  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow all inbound traffic
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 5432
          ToPort: 5432
          CidrIp: 0.0.0.0/0

  DBInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      DBInstanceIdentifier: ourpostgres
      DBName: "database"
      AllocatedStorage: "5"
      DBInstanceClass: db.t3.micro
      Engine: postgres
      VPCSecurityGroups:
        - !Ref SecurityGroup
      DBSubnetGroupName: !Ref DBSubnetGroup
      PubliclyAccessible: true
      MasterUsername: myusername
      MasterUserPassword: mypassword

Outputs:
  DBInstanceEndpoint:
    Description: Endpoint to access the Postgres database
    Value: !GetAtt [DBInstance, Endpoint.Address]

After running this CloudFormation the database instance launches successfully, but I still cannot log in to the database from my local machine (using Sequel Pro as the viewer). I tried setting up the VPC, security group, gateway and subnets, but something still seems to be missing.

Can you help me find the problem in the CloudFormation above?

ulydmbyx

ulydmbyx1#

The cause of the problem is that your subnets are private.
Although the CloudFormation template does create an Internet Gateway and attach it to the VPC, both subnets use the default route table, which contains no route to the Internet Gateway. The subnets are therefore effectively private subnets.

You need to update the template to:

  • Create a route table
  • Route 0.0.0.0/0 traffic to the Internet Gateway
  • Associate the route table with both subnets

As an example, here is some code I took from Building a VPC with CloudFormation - Part 1:

# Some route tables for our subnets:
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
      - Key: Name
        Value: Public
  PublicRoute1:   # Public route table has direct routing to IGW:
    Type: AWS::EC2::Route
    # DependsOn must name the AWS::EC2::VPCGatewayAttachment resource so the
    # route is not created before the IGW is attached to the VPC; in the
    # question's template that resource is called VPCGatewayAttachment,
    # not AttachGateway.
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

You need something similar.
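The complete set of resources the answer describes, as an added example that is not part of the question or the answer: a route table, the default route to the Internet Gateway, and the two subnet associations, written against the resource names already used in the question's template (VPC, InternetGateway, VPCGatewayAttachment, PublicSubnet1, PublicSubnet2). The new resource names (PublicRouteTable, PublicRoute, PublicSubnet1RouteTableAssociation, PublicSubnet2RouteTableAssociation) are my own choices. The fragment goes under the template's existing Resources: key, at the same indentation as the other resources.

```yaml
# Added example (not from the question or answer). Only the references to
# VPC, InternetGateway, VPCGatewayAttachment, PublicSubnet1 and
# PublicSubnet2 come from the question's template; the rest is new.
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Public

  # The default route must not be created before the IGW is attached to the
  # VPC, so depend on the attachment resource from the question's template.
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: VPCGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  # Without these associations both subnets stay on the VPC's main route
  # table, which only carries the local 10.0.0.0/16 route. The RDS instance
  # then gets a public address (PubliclyAccessible: true) that no packet can
  # reach from the internet, which is exactly the symptom in the question.
  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet2
      RouteTableId: !Ref PublicRouteTable
```

After updating the stack you can confirm that a subnet is now public by listing the route table it is associated with, for example `aws ec2 describe-route-tables --filters Name=association.subnet-id,Values=<subnet-id>`, and checking that a 0.0.0.0/0 route with the IGW as target is present; then `psql -h <DBInstanceEndpoint> -U myusername -d database` should connect. Two caveats worth keeping in mind even for a test stack: once the route exists, the 0.0.0.0/0 ingress rule on port 5432 really does expose the database to the whole internet, so narrowing CidrIp to your own address is cheap insurance; and a literal MasterUserPassword in the template ends up in the stack's template history, so a NoEcho parameter or a Secrets Manager dynamic reference is preferable.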
