Closed ghost closed 5 years ago
Is there any specific reason why you need an IP in the security group instead of using the databases sg? And those IPs could change: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html
we strongly recommend that you use the DNS name to connect to your DB instance because the underlying IP address can change during failover.
I want to restrict access for example from my dev server just to dev rds instance. For this I need CIDR, basically hostIP/32. Also in security group of dev RDS server in ingress I want to allow access just to my dev app server. Unfortunately you can’t have hostnames in security groups or at least I am not aware of that. And when I connect from my app, I use the endpoint name, of course. This is just about the firewall part.
But you can allow a connection from a specific group by group name without specifying an IP.
On Sun, 24 Feb 2019, 00:51 Boban Acimovic, notifications@github.com wrote:
I want to restrict access for example from my dev server just to dev rds instance. For this I need CIDR, basically host IP/32. Also in security group of dev RDS server in ingress I want to allow access just to my dev app server. Unfortunately you can’t have hostnames in security groups or at least I am not aware of that. And when I connect from my app, I use the endpoint name, of course. This is just about the firewall part.
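The group-to-group rule suggested in the reply above, as an added example that is not part of the original thread or the provider's own code. It uses Terraform 0.12+ syntax; the resource names, `var.vpc_id` and port 5432 (PostgreSQL) are assumptions.

```hcl
# Assumption: the VPC that holds both the app server and the RDS instance.
variable "vpc_id" {
  type = string
}

# Attached to the dev app server.
resource "aws_security_group" "dev_app" {
  name   = "dev-app"
  vpc_id = var.vpc_id
}

# Attached to the dev RDS instance via vpc_security_group_ids
# on aws_db_instance (or aws_rds_cluster).
resource "aws_security_group" "dev_rds" {
  name   = "dev-rds"
  vpc_id = var.vpc_id
}

# Ingress on the database group: only members of dev_app may connect.
# No CIDR is involved, so an RDS failover that changes the underlying
# IP address does not invalidate the rule.
resource "aws_security_group_rule" "rds_from_app" {
  type                     = "ingress"
  security_group_id        = aws_security_group.dev_rds.id
  source_security_group_id = aws_security_group.dev_app.id
  protocol                 = "tcp"
  from_port                = 5432 # assumption: PostgreSQL
  to_port                  = 5432
}

# Egress on the app group: the dev app server may reach only the dev
# database group. For type = "egress", source_security_group_id names
# the destination group.
resource "aws_security_group_rule" "app_to_rds" {
  type                     = "egress"
  security_group_id        = aws_security_group.dev_app.id
  source_security_group_id = aws_security_group.dev_rds.id
  protocol                 = "tcp"
  from_port                = 5432
  to_port                  = 5432
}
```

The application still connects through the endpoint hostname exported by `aws_db_instance`; only the firewall rules switch from CIDRs to group references.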
@bflad I think this issue can be closed.
Correct, thank you 👍
This issue was originally opened by @acim as hashicorp/terraform#20444. It was migrated here as a result of the provider split. The original body of the issue is below.
Current Terraform Version
Use-cases
From resources like aws_db_instance and aws_rds_cluster I can get out just endpoint addresses, so hostnames, but no IP addresses. It would be nice to resolve these somehow in order to get IP addresses or CIDRs in order to use them as variables for security groups, etc.
Attempted Solutions
Proposal
References