Access the RDS database
The Strapi app and the RDS database reside in a VPC private network and all traffic from the outside is blocked by default. This means that you cannot directly access the service or the database from the Internet.
However, if you need to access the database from your local machine there is a way to do so by following the instructions below:
To create a new EC2 key-pair, go to AWS console, choose EC2 service and from the left panel, choose Key Pairs, and click Create key pair in the top right. The name you choose here is the one used to configure the VPC resource in the Microtica Developer Portal.
You will need to create an EC2 key-pair from the AWS console. We don’t create it automatically due to security reasons. This key should always be in your possession and kept in a secure place. It will allow you to access your EC2 instances through SSH.
In the AWS console, go to EC2 service, select the VPC-nat instance. In the Security tab click on the security group.
Edit the inbound rules by whitelisting your public IP address for port 22 (SSH port). Save the changes.
The next thing you need to do is to add the name of the key pair you’ve just created by updating the configuration of the VPC resource in the Strapi environment. Go to your Strapi environment, under Resources select VPC resource > Resource Settings. Enter the keyName you created previously and click on Save and Deploy button.
Now you have everything ready to establish a connection with the database. To get the necessary information, follow the steps below:
- Select the VPC resource and in Resource Outputs you can get the NAT instance IP and use it as an SSH hostname. Set SSH username to ec2-user.
- Select the Strapi resource and in Resource Outputs you can get the database endpoint, port, and username. The database password is securely stored in AWS Secret Manager specified in the DatabaseSecret output parameter.
- And last, use your preferred client (e.g. pgAdmin, MySQLWorkbench) to connect with the Strapi database.
If you prefer using CLI to access the database, you should first establish a tunnel to your database and then connect with the database with the following commands: