Allow connection for DB in EKS cluster and failed auth error
hi everyone, I'm trying to connect to aurora db with my deployment, my understanding is that if the following setting is set, I should be able to connect from the eks cluster which is in the private app subnet correct? ``` allow_connections_from_cidr_blocks = dependency.vpc.outputs.private_app_subnet_cidr_blocks ``` I am currently getting the following error which I am currently [hard coding to the helm chart](https://github.com/IllumiDesk/illumidesk-modules/blob/47a923e42d79e90885b1c25c0257720b82b01956/modules/illumidesk/variables.tf#L121). I checked the **RDSDBConfig** secret from secrets manager as well to verify that the password is correct and copied the value and pasted it. ``` Rolling back session due to database error (psycopg2.OperationalError) FATAL: password authentication failed for user "gruntwork" ``` Also regarding resetting the password for the aurora db, I would need to create a new secret and pass the arn to the aurora db input correct or can I change the password in current secret, **RDSDBConfig**? r:terraform-aws-vpc r:terraform-aws-eks
[Looking at how you are using the password](https://github.com/IllumiDesk/illumidesk-modules/blob/47a923e42d79e90885b1c25c0257720b82b01956/modules/illumidesk/main.tf#L58), my best guess is that this is a character escape/encoding problem. The password most likely contains special characters, and those need to be escaped according to the [postgres URL rules](https://www.postgresql.org/docs/11/libpq-connect.html#id-1.7.3.8.3.6): > Percent-encoding may be used to include symbols with special meaning in any of the URI parts, e.g., replace = with %3D. Try encoding the password with URI encoding and then use the encoded format for the raw string in your module as a test. If you want an easy way to encode the password, you can use the python shell: ```python import urllib.parse print(urllib.parse.quote("MY_P@SSWORD", safe="")) # Prints out MY_P%40SSWORD ```