Help Center/ Data Replication Service/ User Guide (Ankara Region)/ Preparations/ From the Public Cloud to the Public Cloud/ Accessing the Public Cloud Through a VPC (Same Region and Same VPC)
Updated on 2024-04-11 GMT+08:00

Accessing the Public Cloud Through a VPC (Same Region and Same VPC)

Figure 1 shows how to use DRS to migrate data across databases in the same region and VPC on the public cloud.

Figure 1 Network diagram

If the DRS instance, the source and the destination RDS databases are in the same VPC and region, ensure that the network ACL and security group associated with the source database allow inbound traffic, and the network ACL and security group associated with the replication instance allow the outbound traffic. Figure 2 shows the process.

Figure 2 Flowchart

Network Configurations

  1. Create a DRS instance and obtain the private IP address of the DRS instance.

    After the DRS replication instance is created, the private IP address of the replication instance is displayed.

  2. Configure inbound rules for the network ACL and security group associated with the source database.

    Security group: Add an inbound rule to allow traffic from the private IP address of the DRS replication instance to the source database listening port.

    Network ACL: By default, a VPC does not have a network ACL. If you have a network ACL, add an inbound rule to allow traffic from the private IP address and random port of the DRS replication instance to the IP address and listening port of the source database.

  3. Configure outbound rules for the network ACL and security group associated with the replication instance.

    By default, a VPC does not have a network ACL, and the default security group rules allow all outbound traffic. The replication instance and destination RDS database in the same security group can communicate with each other by default, so you do not need to configure a network ACL.

    If you have configured a network ACL or security group, log in to the VPC management console and check the settings:

    Security group: Ensure that the outbound traffic from the DRS private network IP address to the IP address and listening port of the source database is allowed.

    Network ACL: Ensure that the outbound traffic from the DRS private network IP address and random port to the IP address and listening port of the source database is allowed.

  4. Test the connection.

    Log in to the DRS console, locate the created DRS task, and click Edit in the Operation column. On the Configure Source and Destination Databases page, enter the IP address, port, username, and password of the source database and then click Test Connection to check whether the connection is successful.