Goal: connect to our prod DB (below VPC) via AWS IAM
Steps: we did create IAM user, connected with a rould which have permissions to db-connect over our AWS db cluster and set subnet to be PRIVATE_WITH_EGRESS and open the ips mention in the creation page: https://docontrol.retool.com/resources/new/postgresql
Details: getting error that failed to connect
is there any guide step by step what need to be set on the AWS side to make the connection work?
thanks
Hi @Kfir_Yahalom - It sounds like you're using Retool Cloud and trying to connect to a production database that is in a VPC in AWS, right?
Based on your mention of setting the subnet where the RDS instance is to "PRIVATE_WITH_EGRESS", it sounds like RDS is in a private subnet and does not have a public IP. Without a public IP, Retool will not be able to access your RDS instance even if you have allow-listed the IPs as you mentioned.
You have a few options such as using SSH tunnelling which is mentioned here, considering moving RDS to be in a public subnet with a publicly routable IP.
By the way, Retool does offer a self-hosted option where you could host Retool in your own VPC which, if configured correctly, could connect to the existing RDS using private IPs.