This message was deleted.

Note that for the manual rule i've created, I've tried with only to that port from all IPs, and gone through the whole check to see if there's an Internet gateway attached to the VPC. I've tried to connect with pgAdmin and by just hitting

telnet <cluster> 5432

. Nothing seems to work. Doesn't even attempt to wake up the paused cluster.

You can't access anything in a private subnet from the internet

Right ye, i noticed that when i was posting this. I've (temporarily) updated it to be in all the groups to confirm whether this was the issue or not:

subnetIds: pulumi.all([vpc.publicSubnetIds, vpc.privateSubnetIds]).apply(([publicSubnetIds, privateSubnetIds]) => [...publicSubnetIds, ...privateSubnetIds]),

Still doesn't seem to work. I keep getting the impression the traffic is being blocked before it goes anywhere near the RDS instance. I'll run through those docs and post back if i bump into anything.

@powerful-furniture-83753 you have a subnet group on the RDS instance that is limited to the private subnets

even if i swap that out for only the public subnet ids.. still times out, and still accessible inside the VPC (as expected). I don't really get why.

You'd need to open up the security group and have the rds instance subnetgroup be public to access it from outside

Your security group needs to have 0.0.0.0/0 access

aaaaah... i think you can't actually give an Aurora Serverless cluster a public ip. At least if i read this right: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html Also found some threads suggesting the only way to do it is to setup a VPN tunnel into the VPC. It could also be that i horribly misunderstand how this works 🙂