petoju / terraform-provider-mysql

Terraform MySQL provider – unofficial fork
https://registry.terraform.io/providers/petoju/mysql
Mozilla Public License 2.0

Error: failed to connect to MySQL: could not connect to server: dial tcp <IP>:3306: connect: connection timed out #82

Closed Oualitsen closed 1 year ago

Oualitsen commented 1 year ago

Hi, I keep getting this error after a given timeout and I cannot find why. I created an RDS cluster and when I try to create a MySQL user I get this error. When I set the RDS publicly available the user is created with no issues though.

Here is my tf file

```hcl
data "aws_secretsmanager_secret" "secretsMan" {
  arn = aws_secretsmanager_secret_version.big_data_team_secret_version.arn
}

data "aws_secretsmanager_secret_version" "big_data_secret_version" {
  secret_id = data.aws_secretsmanager_secret.secretsMan.id
}

# import database secret
data "aws_secretsmanager_secret" "db_secret_manager" {
  arn = aws_secretsmanager_secret_version.db_secret_version.arn
}

# get database secret id
data "aws_secretsmanager_secret_version" "db_secret_version" {
  secret_id = data.aws_secretsmanager_secret.db_secret_manager.id
}

resource "aws_rds_cluster" "rds_cluster" {
  cluster_identifier     = "cluster-2"
  engine                 = "aurora-mysql"
  database_name          = "firstdb"
  master_username        = "ramdane"
  master_password        = data.aws_secretsmanager_secret_version.db_secret_version.secret_string
  availability_zones     = ["eu-west-2a", "eu-west-2b", "eu-west-2c"]
  skip_final_snapshot    = true
  vpc_security_group_ids = [aws_security_group.cluster_security_group.id]
}

resource "aws_rds_cluster_instance" "rds_aurora_instance" {
  count               = 2
  cluster_identifier  = aws_rds_cluster.rds_cluster.cluster_identifier
  instance_class      = "db.t3.small"
  engine              = aws_rds_cluster.rds_cluster.engine
  publicly_accessible = false
}

resource "aws_security_group" "cluster_security_group" {
  name = "open_sg"

  ingress {
    cidr_blocks = ["0.0.0.0/0"]
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
  }

  egress {
    cidr_blocks = ["0.0.0.0/0"]
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
  }
}

provider "mysql" {
  endpoint                  = aws_rds_cluster_instance.rds_aurora_instance.0.endpoint
  username                  = aws_rds_cluster.rds_cluster.master_username
  password                  = aws_rds_cluster.rds_cluster.master_password
  connect_retry_timeout_sec = 90
}

resource "mysql_user" "big_data_db_user" {
  user               = "big_data_db_user"
  plaintext_password = data.aws_secretsmanager_secret_version.big_data_secret_version.secret_string
  host               = "%"
  tls_option         = ""
  depends_on = [
    aws_rds_cluster.rds_cluster,
    aws_secretsmanager_secret.secrets_manager,
    data.aws_secretsmanager_secret_version.big_data_secret_version,
    aws_security_group.cluster_security_group
  ]
}

resource "mysql_grant" "big_data_user_grant" {
  user       = mysql_user.big_data_db_user.user
  host       = mysql_user.big_data_db_user.host
  database   = aws_rds_cluster.rds_cluster.database_name
  privileges = ["SELECT"]
}

output "secret_username" {
  sensitive = true
  value     = data.aws_secretsmanager_secret_version.big_data_secret_version.secret_string
}

output "cluster_master_username" {
  sensitive = true
  value     = aws_rds_cluster.rds_cluster.master_username
}

output "cluster_master_password" {
  sensitive = true
  value     = aws_rds_cluster.rds_cluster.master_password
}

output "rds_endpoint" {
  value = aws_rds_cluster_instance.rds_aurora_instance[0].endpoint
}
```

petoju commented 1 year ago

My guess: can you connect to that IP from the computer running terraform?

The fact that you cannot access the private IP shows that there may be an issue with something like firewall, routing, security groups or similar.

Oualitsen commented 1 year ago

Turns out that we must open the port and whitelist the Terraform server's IP address.

petoju commented 1 year ago

Ok, so that's WAI. Terraform cannot work without access to the server.
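
A narrower form of the security group from the question, as an added example that is not part of the original thread or the provider's documentation: it admits only TCP 3306 from the machine running Terraform, which is the "open the port and whitelist" fix described above, instead of all traffic from `0.0.0.0/0`. The variable `terraform_runner_cidr` and the group name are assumptions; the resource label is the one used in the question.

```hcl
# Added example, not from the thread. The variable name and the group name
# are hypothetical; the resource label matches the one in the question so the
# cluster's vpc_security_group_ids reference keeps working.
variable "terraform_runner_cidr" {
  description = "CIDR of the host that runs terraform, e.g. a /32 for one machine"
  type        = string

  validation {
    # Reject malformed input and the world-open range used in the question.
    condition     = can(cidrhost(var.terraform_runner_cidr, 0)) && var.terraform_runner_cidr != "0.0.0.0/0"
    error_message = "Set a specific CIDR for the Terraform host, not 0.0.0.0/0."
  }
}

resource "aws_security_group" "cluster_security_group" {
  name        = "mysql_from_terraform_runner"
  description = "MySQL access for the Terraform host only"

  ingress {
    description = "MySQL from the Terraform host"
    protocol    = "tcp"
    from_port   = 3306
    to_port     = 3306
    cidr_blocks = [var.terraform_runner_cidr]
  }

  # No egress block: security groups are stateful, so replies to the
  # allowed inbound connections are permitted without one.
}
```

With `publicly_accessible = false` the instances have no public address, so the Terraform host also needs a network path into the VPC (for example a runner inside it, a VPN or peering); the rule above only controls what the group admits.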