AWS Proxy Create
2. Create a policy under the VPC
Pay attention to any errors reported; if there are any, resolve them first
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "secretsmanager:GetResourcePolicy",
                "secretsmanager:GetSecretValue",
                "secretsmanager:DescribeSecret",
                "secretsmanager:ListSecretVersionIds"
            ],
            "Resource": [
                "arn:aws:secretsmanager:ap-southeast-1:072047477590:secret:secret-h123-ZLVCqC"
            ]
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "secretsmanager:GetRandomPassword",
                "secretsmanager:ListSecrets"
            ],
            "Resource": "*"
        }
    ]
}
3. Create a role under the VPC and attach the policy just created
Note the selection to make: RDS --> RDS - Add Role to Database
Continue to the next step, enter a name, and create the role
4. Create a new Proxy
Note the following settings:
Secrets Manager secret(s): select the one just created
IAM role: select the one just created
Subnets: select the internal network segment; here it is the EKS internal subnet
Existing VPC security groups: select the VPC; here it is the VPC of EKS
Then click Create proxy
5. Check proxy availability
/ # nc -zv test.proxy-********************.rds.amazonaws.com 3306
/ # mysql -htest.proxy-********************.rds.amazonaws.com -uuser -ppasswd
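
Added example (not part of the original page): a small audit of a policy shaped like the one in step 2, checking that the actions that read secret data stay scoped to a specific secret ARN and that "Resource": "*" is used only for the two actions that accept nothing else. The names make_policy, audit_policy and SECRET_ARN are hypothetical, and the ARN is a constructed placeholder.

```python
import json
from fnmatch import fnmatchcase

# Secrets Manager actions without resource-level permissions: IAM only
# accepts "Resource": "*" for them, so the wildcard there is expected.
WILDCARD_ONLY = {"secretsmanager:getrandompassword", "secretsmanager:listsecrets"}

# Constructed placeholder ARN (not the account or secret shown in step 2).
SECRET_ARN = "arn:aws:secretsmanager:ap-southeast-1:111122223333:secret:example-AbCdEf"
READ = ["secretsmanager:GetResourcePolicy", "secretsmanager:GetSecretValue",
        "secretsmanager:DescribeSecret", "secretsmanager:ListSecretVersionIds"]
LIST = ["secretsmanager:GetRandomPassword", "secretsmanager:ListSecrets"]


def make_policy(read_resource):
    """Build a policy shaped like step 2, varying the read statement's Resource."""
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Sid": "VisualEditor0", "Effect": "Allow", "Action": READ, "Resource": read_resource},
        {"Sid": "VisualEditor1", "Effect": "Allow", "Action": LIST, "Resource": "*"}]})


def _as_list(value):
    # IAM allows Action, Resource and Statement to be a single item or a list.
    return [value] if isinstance(value, str) else list(value)


def audit_policy(policy_json):
    """Return (sid, action, reason) tuples for over-broad Secrets Manager grants."""
    findings = []
    statements = json.loads(policy_json)["Statement"]
    if isinstance(statements, dict):
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        wild_res = [r for r in _as_list(stmt.get("Resource", [])) if "*" in r]
        for action in _as_list(stmt.get("Action", [])):
            name = action.lower()
            if "*" in name and fnmatchcase("secretsmanager:getsecretvalue", name):
                findings.append((sid, action, "wildcard action covers GetSecretValue"))
            elif name.startswith("secretsmanager:") and name not in WILDCARD_ONLY and wild_res:
                findings.append((sid, action, "wildcard Resource: " + ", ".join(wild_res)))
    return findings


if __name__ == "__main__":
    for label, res in (("scoped", [SECRET_ARN]), ("wildcard", "*")):
        print(label, audit_policy(make_policy(res)))
```

The scoped form, which matches the layout of the step 2 policy, produces no findings; replacing the secret ARN with "*" flags all four read actions in VisualEditor0.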