We want to restrict access to our AWS RDS database so it is only accessible by the application and some IPs. How do we accomplish that for our Qovery apps?
We have tried adding IPs on the inbound rules of the security group of the RDS instance but it still can’t connect to it.
Hi @raylmp, unfortunately, you can’t do it directly via Qovery, as you’ve seen. We are considering changing it shortly (we are working on it). In the meantime, my best advice would be to consider spawning your RDS in another VPC and setting up a VPC peering between your new RDS instance and your Qovery cluster.
One other (and preferable) solution would be to let your RDS be managed by Qovery and let it be accessible via the private network only. Then, you can connect to your RDS instance using a bastion like Teleport, a simple EC2 instance, or a long-running application deployed with Qovery.
What do you think?