6.1.5 Troubleshooting a Query PrivateLink

Table 6-1 lists some common issues and their resolutions when setting up a Query PrivateLink. Troubleshooting Connectivity in your AWS Account Using the AWS Reachability Analyzer for a Query PrivateLink gives further help for troubleshooting.

Note:

The error messages might read differently as HeatWave on AWS gets updated.

Table 6-1 Query PrivateLink: Common Issues and Resolutions

| Deployment Step | Error Summary | Steps to Resolve |
| --- | --- | --- |
| Create Query PrivateLink | CreatePrivateLink: 1 Validation Error for … principalArn | Ensure the ARNs you have entered are formatted properly. See Identify AWS resources with ARNs. |
| Create VPC Endpoint | AWS Console shows Service name could not be verified | Ensure that you are creating the Endpoint in the same Region as the Query PrivateLink. Check that the ARNs in Authorized Principals for the PrivateLink match a principal in your account, or authorize your entire account for simplicity. See “Creating a Query PrivateLink”. |
| Connect to Private Hostname | Application cannot connect, returning MySQL error like Error 2003: Can't connect to MySQL server | Validate that your account allows connectivity between your application and the VPC Endpoint. See Troubleshooting Connectivity in your AWS Account Using the AWS Reachability Analyzer below. |

Troubleshooting Connectivity in your AWS Account Using the AWS Reachability Analyzer for a Query PrivateLink

To identify any components in your account that may be preventing your Query PrivateLink from working, we recommend using the AWS Reachability Analyzer:

  • Navigate to AWS Console > Network Manager > Reachability Analyzer and click Create analyze path.
  • Under Path Source, put in an optional Name tag if you want, and set:
    • Source type as Instances if your application runs on an EC2 instance, or as Network Interfaces if your application connects through an AWS-managed network interface such as one created by AWS Lambda.
    • Source as the EC2 instance ID, or the interface ID of the Lambda network interface.
  • Under Path Destination, put in an optional Name tag, set:
  • For Protocol, choose TCP.
  • Add optional Tags if you want.
  • Click Create analyze path, and wait for the analysis to complete. The network components that forward traffic between the Network Load Balancer and database source are displayed. If traffic is blocked, the problematic component(s) are identified.
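
The same analysis can be run through the EC2 API, which helps when the check has to be repeated after each security group or route change. The following is an added example, not code from the HeatWave on AWS documentation: it uses the boto3 calls behind the Reachability Analyzer and reduces the result to the components reported as blocking. It assumes the destination is the ID of the VPC endpoint created for the Query PrivateLink; the function names and the sample result are constructed for illustration.

```python
"""Added example: API equivalent of the console steps above (not Oracle's code)."""
import time


def blocking_components(analysis):
    """Return (path_found, [(explanation_code, component_id), ...]).

    `analysis` is one element of NetworkInsightsAnalyses as returned by
    ec2.describe_network_insights_analyses().
    """
    if analysis.get("Status") != "succeeded":
        raise ValueError(f"analysis not complete: {analysis.get('Status')}: "
                         f"{analysis.get('StatusMessage', '')}")
    found = bool(analysis.get("NetworkPathFound"))
    blockers = []
    for exp in analysis.get("Explanations", []):
        comp = exp.get("Component") or {}
        blockers.append((exp.get("ExplanationCode", "UNKNOWN"), comp.get("Id", "?")))
    return found, blockers


def analyze_path(source_id, destination_id, region, poll_seconds=5):
    """Create the path, start the analysis, wait for it, and summarize it."""
    import boto3  # imported lazily so the parsing logic runs without AWS access
    ec2 = boto3.client("ec2", region_name=region)
    path = ec2.create_network_insights_path(
        Source=source_id,            # EC2 instance ID or network interface ID
        Destination=destination_id,  # assumption: VPC endpoint of the Query PrivateLink
        Protocol="tcp",
    )["NetworkInsightsPath"]
    analysis = ec2.start_network_insights_analysis(
        NetworkInsightsPathId=path["NetworkInsightsPathId"]
    )["NetworkInsightsAnalysis"]
    while analysis["Status"] == "running":
        time.sleep(poll_seconds)
        analysis = ec2.describe_network_insights_analyses(
            NetworkInsightsAnalysisIds=[analysis["NetworkInsightsAnalysisId"]]
        )["NetworkInsightsAnalyses"][0]
    return blocking_components(analysis)


# Constructed sample result: a security group on an ENI blocks the path.
SAMPLE_BLOCKED = {
    "Status": "succeeded",
    "NetworkPathFound": False,
    "Explanations": [{"ExplanationCode": "ENI_SG_RULES_MISMATCH", "Direction": "ingress",
                      "Component": {"Id": "eni-0123456789abcdef0"}}],
}
```

Running `analyze_path` requires AWS credentials that are allowed to create and read Network Insights paths in the Region of the VPC endpoint.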