How to make my AWS RDS accessible from Retool

Hey team,

Quick question regarding the RDS.
We want to configure Retool for monitoring some of our data, and we ran into some issues with the setup.

Retool wants us to make our RDS public, which is ok since they provided 3 IP addresses we should add to the VPC security group.

Anyhow, the problem is that we are losing access from our BE app when we switch the accessibility from private to public.

I’ve rerouted the subnet to point to the Internet Gateway, so now it works ok.
Although we are a bit concerned that now everyone can try and access our database.

Do you have maybe some suggestions on how to approach this issue?
Thanks!

Hi @nemanjajuice ,

Can you use VPC peering with Retool? (I am not seeing this option from their documentation, but it would be the best option since it’s very secure and possible with Qovery and AWS).

If not, then we’ll need to consider adding a way to manage IP whitelisting. I might have a temporary solution for you. (I can explain if VPC peering with Retool is not possible)

cc @Florian_Lepont

Hi @rophilogene

Thanks for your answer!
I will try the solution with peering connections.

I’ll update you once I have more info.

Hey @rophilogene

I just tried this peering connection stuff, and it won’t work, unfortunately.

@nemanjajuice , here is a schema of what you can do:

  1. Connect to your AWS account
  2. Create a VPC (with a different subnet from the Qovery VPCs)
  3. Add an Internet Gateway
    a. Configure a static IP with an additional NAT Gateway
    b. Whitelist Retool static IP addresses
  4. Configure the VPC peering with Qovery (check out this guide)
  5. Check if you are able to connect to your RDS instance via Retool

If it does not work, check that the routing configuration between your VPCs is working well.

Let me know.


Note: I’ve discussed with @Pierre_Mavro (CTO) and we’ll try to provide a long-term solution with IP whitelisting from Qovery directly.


Let me know @nemanjajuice if you need any help on this.
