Bird
0
0

An RDS instance is unreachable despite correct security group rules. What else should you check?

medium📝 Debug Q7 of 15
AWS - RDS and Relational Databases
An RDS instance is unreachable despite correct security group rules. What else should you check?
AVerify if encryption is enabled
BCheck if the RDS instance is in a private subnet without NAT gateway
CConfirm the database engine version
DCheck if Multi-AZ is enabled
Step-by-Step Solution
Solution:

  1. Step 1: Understand network accessibility

    If the RDS instance is in a private subnet without proper routing or NAT, it may be unreachable.

  2. Step 2: Recognize that encryption and engine version do not affect network reachability

    Encryption and engine version do not block network access; Multi-AZ affects availability but not basic reachability.

  3. Final Answer:

    Check if the RDS instance is in a private subnet without NAT gateway -> Option B

  4. Quick Check:

    Private subnet without NAT can block access [OK]
Quick Trick: Private subnet without NAT blocks external access [OK]
Common Mistakes:
  • Assuming encryption blocks connectivity
  • Ignoring subnet and routing configurations
  • Confusing Multi-AZ with network reachability

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More AWS Quizzes
API Gateway - API deployment and stages - Quiz 5medium DynamoDB - Time to live (TTL) for expiration - Quiz 2easy DynamoDB - Secondary indexes (GSI, LSI) - Quiz 6medium DynamoDB - DynamoDB capacity modes (on-demand, provisioned) - Quiz 13medium DynamoDB - Tables, items, and attributes - Quiz 2easy Elastic Load Balancing - Listener rules and routing - Quiz 12easy Elastic Load Balancing - Application Load Balancer (ALB) - Quiz 2easy RDS and Relational Databases - Parameter groups and option groups - Quiz 11easy SNS and SQS - SNS and SQS integration pattern (fan-out) - Quiz 3easy SNS and SQS - SNS topics and subscriptions - Quiz 14medium