👀 Views: 1 💬 Answers: 1 📅 Created: 2025-06-07

aws lambda rds mysql JavaScript

I've been struggling with this for a few days now and could really use some help. I'm working with an 'Access Denied' behavior when my AWS Lambda function attempts to connect to an RDS MySQL instance. The Lambda is set up with an execution role that has the necessary permissions to access the RDS instance, specifically the `rds:Connect` permission. Here's the part of the policy attached to the Lambda's execution role: ```json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "rds:Connect" ], "Resource": "arn:aws:rds:us-east-1:123456789012:db:mydb" } ] } ``` I've ensured that the Lambda function is running in the same VPC as the RDS instance. The security group for the RDS instance allows inbound traffic on port 3306 from the security group associated with the Lambda function. I've also set the subnet route tables correctly. However, I'm still getting the following behavior: ``` behavior: Access Denied for user 'your_user'@'%' (using password: YES) ``` I've tried using the AWS CLI to connect to the RDS instance from my local machine with the same credentials, and it works just fine. Here’s the code snippet I'm using in the Lambda function: ```javascript const mysql = require('mysql'); const connection = mysql.createConnection({ host: 'mydb.c123456789012.us-east-1.rds.amazonaws.com', user: 'your_user', password: 'your_password', database: 'mydb' }); connection.connect((err) => { if (err) throw err; console.log('Connected to RDS!'); }); ``` I've double-checked the database username and password, and they’re correct. I've also enabled enhanced logging on RDS, but I'm not seeing any additional clues in the logs. Is there a specific configuration or permission I might be missing? Any insights would be greatly appreciated. This is part of a larger service I'm building. Any ideas what could be causing this? For reference, this is a production mobile app. I appreciate any insights!