Laravel permission denied on remote MySQL server (AWS Aurora)

I have a CentOS EC2 instance with a Laravel application. I also have MySQL installed on the same EC2 instance. It worked fine.

Now I decided to move MySQL to AWS RDS (MySQL Aurora). I can connect to AWS RDS through Heidi and query it without issue.

However, in Laravel it throws exceptions. I have changed the DB_HOST, DB_DATABASE, DB_USERNAME and DB_PASSWORD credentials in the .env file.

Below are the exceptions:

1/3 PDOException in PDOConnection.php line 43:
SQLSTATE[HY000] [2002] Permission denied
1. in PDOConnection.php line 43
2. at PDO->__construct('mysql:host=correct_host;port=3306;dbname=correct_db', 'correct_username', 'correct_password', array('0', '2', '0', false, false)) in PDOConnection.php line 43

      


1/2 PDOException in PDOConnection.php line 47:
SQLSTATE[HY000] [2002] Permission denied

      


1/3 QueryException in Connection.php line 770:
SQLSTATE[HY000] [2002] Permission denied (SQL: select * from `users` where `users`.`id` = 1 limit 1)

      

Update

I just reverted the database credentials in .env to my old MySQL (installed on the same EC2 instance as the Laravel application). It works with DB_HOST = localhost, but if I use the actual IP instead, DB_HOST = 127.0.0.1, it throws the same exceptions.

+3




2 answers


If you are using SELinux on your CentOS EC2 instance, try turning SELinux off and checking your application again. If SELinux is causing this issue, it could be due to the external database connection policy. You must disable SELinux and enable the policy using this command.



sudo setsebool -P httpd_can_network_connect_db=1

      

+8
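A way to confirm that SELinux is what blocks the web server's outbound database connection, so that only the `httpd_can_network_connect_db` boolean has to change and SELinux can stay enforcing. This is an added example, not code from the question or the answers; the audit records are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Triage for "SQLSTATE[HY000] [2002] Permission denied" from PHP under httpd.
# SAMPLE_AUDIT holds constructed AVC records in the audit.log format.
SAMPLE_AUDIT='type=AVC msg=audit(1500000000.101:410): avc:  denied  { name_connect } for  pid=2211 comm="httpd" dest=3306 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1500000000.202:411): avc:  denied  { read } for  pid=2211 comm="httpd" name="cache" scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir
type=AVC msg=audit(1500000000.303:412): avc:  denied  { name_connect } for  pid=2214 comm="php-fpm" dest=3306 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket'

# Read audit records on stdin and print "comm dest" for every record where a
# process in the httpd_t domain was denied an outbound TCP connect
# (name_connect) to the given port (default 3306).
db_connect_denials() {
    awk -v port="${1:-3306}" '
        /avc: +denied/ && /[{] name_connect [}]/ &&
        /scontext=[^ ]*:httpd_t:/ && /tclass=tcp_socket/ {
            comm = ""; dest = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^comm=/) { comm = $i; gsub(/^comm=|"/, "", comm) }
                if ($i ~ /^dest=/) { dest = substr($i, 6) }
            }
            if (dest == port) print comm, dest
        }'
}

# Turn the denial count into a next step: the single boolean to enable,
# or a marker meaning SELinux did not block a connection to that port.
recommend() {
    n=$(db_connect_denials "$@" | wc -l)
    if [ "$n" -gt 0 ]; then
        echo "setsebool -P httpd_can_network_connect_db=1"
    else
        echo "no-selinux-db-denial"
    fi
}

# Run against the constructed sample. On a live host, pipe in real records:
#   sudo ausearch -m avc -ts recent | recommend
# and check the current state with:
#   getenforce; getsebool httpd_can_network_connect_db
printf '%s\n' "$SAMPLE_AUDIT" | recommend
```

A matching denial for `dest=3306` ties the PDO error to the SELinux policy rather than to credentials or the RDS security group.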




Modify your /etc/my.cnf like this:

bind-address = 0.0.0.0 # will accept requests from all IPs

      

Then, in MySQL, add the user and give them the appropriate permissions:

grant all privileges on db_name.* to 'username'@'%' identified by 'password';

      

This allows the user to connect to the database from any IP.



grant all privileges on db_name.* to 'username'@'your_ip' identified by 'password';

      

This allows the user to connect to the database from only one IP address. This is best practice; you don't want to allow connections from any IP address, as it is bad security practice.

This will allow you to connect to the database from your external IP address.

Why your RDS instance is not working is not completely clear. Did you enable remote connections?

0

