MySQL: Can't ping AWS RDS endpoint

Notice: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). Original StackOverflow URL: http://stackoverflow.com/questions/22599172/

Time: 2020-08-31 20:17:45  Source: igfitidea

Can't ping AWS RDS endpoint

mysql amazon-web-services ping

Asked by vt2424253

I want to migrate my local MySQL database to Amazon RDS. But first I want to test to see if it is receiving communication. So I try to ping it. But the attempt times out.

ping -c 5 myfishdb.blackOut.us-west-2.rds.amazonaws.com
PING ec2-54-xxx-xxx-118.us-west-2.compute.amazonaws.com (54.xxx.xxx.118): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3

I suspect that I need to open the inbound settings, so I open up the settings to

SSH TCP 22 72.xxx.xxx.xxx/32

And it still does not work. What do you suppose I am doing wrong? Am I missing anything else?

Answered by BraveNewCurrency

> So I try to ping it. But the attempt times out.

Ping won't work because the security group blocks all communication by default. You'll have to "poke holes" in the security group firewall to get traffic to your instance.

> SSH TCP 22 72.xxx.xxx.xxx/32 And it still does not work.

Yup. RDS does not allow you to log in to the box via SSH. Only the MySQL port (3306) is open.

> I want to migrate my local MySQL database to Amazon RDS.

Ok, but be careful. DO NOT open up 3306 to the entire Internet (i.e. 0.0.0.0). MySQL was not designed for that, and often has flaws where anyone can break into your database.

You can open 3306 to just your (home) IP address (or the server you'll be using it from.) It should look like "5.5.5.5/32 TCP port 3306". But beware that this isn't great security because other people could see your packets. (MySQL supports encrypted connections, but you have to set them up explicitly.)

You can test your setup with telnet my.mysql.ip.address 3306. If you get no message, the port is not open. If you get "connected to ..", then your MySQL port is working.

The most secure way to use RDS is from an EC2 instance. You can create trust between the EC2 instance and the RDS security group. Your packets won't travel over the Internet, but only on the AWS network. Other people won't be able to see your packets, because nothing in EC2 allows that.
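
An added example, not part of the original answer: a Python audit of inbound security group rules that sorts each source into the cases the answer describes (3306 open to the whole Internet, a single /32 host, trust in another security group, or a rule that never reaches MySQL). The JSON is a constructed sample in the shape of `aws ec2 describe-security-groups` output; the group IDs, addresses and verdict labels are assumptions made for illustration.

```python
import ipaddress
import json

MYSQL_PORT = 3306

# Constructed sample (not real data), shaped like `aws ec2 describe-security-groups`.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-0example", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "UserIdGroupPairs": []},
  {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.7/32"}],
   "UserIdGroupPairs": [{"GroupId": "sg-0appserver"}]},
  {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
   "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []}
]}]}
""")

def covers_mysql(perm):
    """True if the rule admits TCP 3306 (protocol "-1" means all traffic)."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= MYSQL_PORT <= perm.get("ToPort", 65535)

def audit(doc):
    """Return (group_id, verdict, detail) tuples, one per inbound rule source."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if not covers_mysql(perm):
                # SSH or ICMP rules do not open a path to the database port.
                label = f'{perm.get("IpProtocol")}/{perm.get("FromPort")}'
                findings.append((sg["GroupId"], "NOT-MYSQL", label))
                continue
            for rng in perm.get("IpRanges", []):  # IPv4 sources only
                net = ipaddress.ip_network(rng["CidrIp"], strict=False)
                verdict = "OPEN-TO-INTERNET" if net.prefixlen == 0 else (
                    "SINGLE-HOST" if net.prefixlen == net.max_prefixlen else "RANGE")
                findings.append((sg["GroupId"], verdict, str(net)))
            for pair in perm.get("UserIdGroupPairs", []):
                findings.append((sg["GroupId"], "SG-TRUST", pair["GroupId"]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```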

Answered by Sébastien Stormacq

Amazon RDS is a managed service for relational databases. It does not give access to the low level infrastructure.

http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html

There is no SSH, Telnet or Ping access authorised to an RDS instance.

Seb

Answered by Artem Dolobanko

"RDS Instances are not configured to accept and respond to an ICMP packet for pings. The only way you can establish connectivity to your RDS instance is through a standard SQL client application."

This means that adding an ICMP rule to a particular RDS security group doesn't make your RDS instance reachable over ICMP.

Answered by Srihari Karanth

Ping is blocked, as others have said. To allow Amazon RDS to connect from your EC2 instance, go to the security groups of your RDS instance, edit the "Inbound" settings, and change "Custom" to "Anywhere". After that you will be able to connect to the db.

Answered by Jorge Santos Neill

The solution that worked for me was to open the IP:PORT in the security group section.

Answered by ceejayoz

AWS security groups block ICMP - which includes pings - by default. You'd have to open up ICMP - blindly trying to open TCP/22 isn't going to do anything.
