撕掉我的头发。从我以前的错误(Cannot connect remotely to EC2 MySQL installation)中学到很多,但我现在配置相同(AFAICT,下面的输出),但无法让heroku连接到我的新AWS RDS DB MYSQL实例!我的旧例子很好。
我有一个问题是,Heroku文章https://devcenter.heroku.com/articles/amazon-rds似乎有关于如何使用通配符用于GRANT语句的相互矛盾的信息。
RDS文章:https://devcenter.heroku.com/articles/amazon-rds说
GRANT USAGE ON *.* TO 'username'@'%';
但是 https://www.flydata.com/blog/access-denied-issue-amazon-rds/,https://www.flydata.com/blog/access-denied-issue-amazon-rds/建议使用'%'的不同语法
GRANT USAGE ON `%`.* TO `username`@`%` IDENTIFIED BY 'pwd';
没有影响。
所以..
尝试了
安全组(我的3个环境中的所有实例都相同,但我无法从heroku连接)
$ grep sg- aws_instance.txt
"VpcSecurityGroupId": "sg-c8ce36b4"
"VpcSecurityGroupId": "sg-c8ce36b4"
"VpcSecurityGroupId": "sg-c8ce36b4"
安全组配置
在视觉上我可以看到inboound配置:MYSQL,TCP,3306,0.0.0.0 / 0
{
"DBSecurityGroups": [
{
"DBSecurityGroupDescription": "default",
"IPRanges": [
{
"Status": "authorized",
"CIDRIP": "0.0.0.0/32"
},
{
"Status": "authorized",
"CIDRIP": "0.0.0.0/0"
},
{
"Status": "authorized",
"CIDRIP": "87.1.1.1/32"
}
],
"OwnerId": "xxxxxxx",
"DBSecurityGroupArn": "arn:aws:rds:us-east-1:xxxxxxx:secgrp:default",
"EC2SecurityGroups": [
{
"Status": "authorized",
"EC2SecurityGroupName": "default",
"EC2SecurityGroupOwnerId": "xxxxxxxxx",
"EC2SecurityGroupId": "sg-2aca2f43"
}
],
"DBSecurityGroupName": "default"
},
{
"VpcId": "vpc-a7d034c1",
"DBSecurityGroupDescription": "Inbound DB only",
"IPRanges": [],
"OwnerId": "xxxxxx",
"DBSecurityGroupArn": "arn:aws:rds:us-east-1:xxxxxxx:secgrp:mysecuritygroupdbonly",
"EC2SecurityGroups": [],
"DBSecurityGroupName": "mysecuritygroupdbonly"
}
]
}