AWS App Runner Service scenarios to Connect to RDS with 'Access Denied' scenarios
I'm integrating two systems and I'm relatively new to this, so bear with me. This might be a silly question, but I'm currently working with an scenario with my AWS App Runner service trying to connect to an RDS PostgreSQL instance. I have configured the App Runner service with a VPC connector to access resources within my VPC. However, I keep receiving the following behavior in the logs: `Access Denied: User does not have permission to access the database`. Here's a quick overview of my configuration: - App Runner service in the same region as RDS (us-west-2). - RDS instance security group has an inbound rule allowing traffic from the VPC CIDR range. - I have attached the following IAM policy to the App Runner service's execution role: ```json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "rds:Connect", "Resource": "*" } ] } ``` I know that this IAM policy is quite permissive, but I wanted to rule out permission issues. I've also verified that the database username and password are correct in my environment variables. I've tried the following troubleshooting steps: - Ensured that the RDS instance is accessible from the App Runner service by creating a test Lambda function that connects to the same RDS instance, which worked without issues. - Double-checked the security group rules and confirmed that there are no overlapping rules that could block the traffic. - Reviewed the App Runner service logs, but they only show the access denied behavior without any additional context. Can someone guide to understand what might be going wrong in this setup? Are there any additional permissions or configurations I might be missing for the App Runner service to connect to the RDS instance successfully? This is part of a larger API I'm building. The project is a service built with Javascript. Thanks for your help in advance! I appreciate any insights!