25

For my Flask app, I want to use the Flask-SQLAlchemy extension to connect to a database instance I created on AWS RDS.

When I try to connect, the application times out and I get the following error:

sqlalchemy.exc.OperationalError: (OperationalError) (2003, "Can't connect to MySQL server on 'xxxxxxxxxxxxxxx.xxxxxxxxxxxx.us-east-1.rds.amazonaws.com'(60")

My Code Looks Like This:

from flask import Flask
from flask.ext.sqlalchemy import SQLAlchemy
application = Flask(__name__)

application.config['SQLALCHEMY_DATABASE_URI'] = 'mysql://{master username}:{db password}@{endpoint}/{db instance name}'
db = SQLAlchemy(application)

@application.route('/')
def hello_world():
    return 'Hello World'

if __name__ == '__main__':
    application.run()

The Flask-SQLAlchemy documentation says that the format of the SQLALCHEMY_DATABASE_URI for mysql database connections should look like this:

mysql://username:password@server/db

Additionally, I can check the AWS RDS console for information on my database instance. The console looks like this.

Right now I am assuming that "username" in SQLAlchemy refers to the "Master Username" in the AWS RDS console, "server" in SQLAlchemy refers to the "Endpoint" in the AWS RDS console, and "db" refers to the "Database Instance Name"

What am I doing wrong??

If someone could describe the SQLALCHEMY_DATABASE_URI for me with the AWS RDS console terms, that would completely solve the problem.

Improve this question
1
  • how can be used the same for a aws rotating secret key and if the secret key updates do we need to restart the application? Commented Jul 13, 2020 at 16:30

4 Answers 4

Reset to default
21

Go to your AWS RDS console and choose your instance -> DB Security Groups -> Click Default

and add a new CIDR as per the recommended IP range.

This is basically a firewall configuration which determines who can connect to the database instance.

You could set it as 0.0.0.0/0 so that firewall doesn't prevent you from accessing it from any host/network.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

This answer is not very valid now since the interface in AWS has changed :(
update: goto vpc > then go to security group > inboud rules > add ip range to allow
5

This is a valid path: EC2 dashboard -> Find network & security from left side panel -> Security groups.

Security groups

If you have a security group created, you may go to number 2.

  1. Creating a new security group:

There you can name your security group and description.

VPC will probably be automatically created for you.

Create security group window

After creating it, select it from the list.

  1. Set up inbound and / or outbound connections:

Here you can configure inbound connections rules.

Inbound window

On edit -> add rule you have default presets for easy configuration, for example HTTP on port 80.

Edit inbound connection rules window

I hope this helps everyone from now on.

  • Due to security reasons, try to only allow trusted IPs and / or security groups needed.
Improve this answer

Comments

2

make sure you're creating a database name in the initial setup of the database under addition configuration unless AWS RDS won't create a database.

Improve this answer

1 Comment

Otherwise, use a database management tool like DBeaver to connect to the RDS instance and create the database there.
2

Since AWS interface has changed a lot so reposting the answer with updated interface.

  1. Go to your database instances, click on your DB identifier for your db.
  2. There you'll see Connectivity & security, in that click on VPC security groups under Security. There you'll see a list of security groups.
  3. Now click on Inbound Rules, then on the right you'll see Edit Inbound Rules, click on that.
  4. Your Inbound Rules should look like the picture below.

image

After adding these rules, just save them & try to connect, it should work.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.