Need help connecting private RDS to Zapier
I’m having trouble setting up a connection between my MySQL RDS production database and Zapier. My test database works fine since it has public access enabled, but my production database is private for security reasons.
I’ve been trying to figure out how to establish this connection without making my production database publicly accessible. I’m currently using rds-ca-2019 SSL certificates and have downloaded the .pem certificate file from AWS, but the connection still fails.
Has anyone successfully connected a private RDS instance to Zapier? What are the recommended approaches for this setup? I want to keep my database secure while still being able to use Zapier integrations.
you could also use zapier’s webhook triggers instead of connecting directly to the db. i just threw a simple express server on ec2 in the same vpc as my rds. it listens for database changes and hits the zapier webhooks when something happens. way easier than messing with lambda and api gateway.
I encountered a similar challenge when trying to integrate our production MySQL RDS with Zapier. The SSL setup you have won’t suffice because Zapier requires direct access to your database, which isn’t feasible with a private subnet RDS. Instead, I implemented an AWS Lambda function to serve as an intermediary. This Lambda is within the same VPC as your database, allowing it to access the private RDS seamlessly. I then configured API Gateway to expose the Lambda function with appropriate authentication, enabling Zapier to interact with it through API calls rather than direct database connections. Although it requires some initial configuration, it significantly enhances security by keeping your database private and giving you control over interactions.
I set up a bastion host in a public subnet within the same VPC as my RDS instance - worked great. Zapier connects through a secure tunnel to reach your private database. Just configure the security groups to allow only the traffic you need, then use SSH tunneling to route everything through the bastion host. Your RDS stays completely private but Zapier can still reach it. You’ll need to give Zapier the bastion host credentials and set up the tunnel connection, but it keeps your security tight without writing custom code.