Is there any way to add a wildcard security group to Amazon RDS?
I'm trying to connect from an EC2 under the same account, but had no luck with the security groups. So I'm resorting to just opening it up for the time being.
Mysql – Public Amazon RDS database
amazon ec2amazon-rdsMySQL
Best Answer
It's unclear what you mean by "wildcard" - there are two types of entries in the security group that you can make - a CIDR block and an EC2 security group:
With a CIDR block, you are specifying an IP address or IP block. The most popular CIDR blocks are /32 which is an individual address and /24 which is a block of 256 addresses (a "class c") - see http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing for more details on how enter your IP blocks. To open to all IP addresses (i.e. "a wildcard IP address"), you could use the CIDR block 0.0.0.0/0 but Amazon strongly discourages allowing global access to your RDS instance http://docs.amazonwebservices.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html however it might be something you do temporarily to help debug the issue.
With an EC2 security group, it is effectively a wildcard - all EC2 instances that use that EC2 security group will have access to your RDS instance.
Documentation on updating RDS groups is here: http://docs.amazonwebservices.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html
It it worth noting that it might take some time to actually be "authorized" after you create the RDS security group entry. You might want to check the "Recent Events" tab in the AWS console to see the progress of your security group settings.