Installing MySQL on AWS
Install MySQL on Ubuntu Linux and make it accessible to the world (better use a good password)
MySQL is a popular open source relational database software that can be used to power any data-driven application. It's awesome, it's free, and it can be installed on any operating system. In this post, you'll learn to install MySQL on an AWS instance, then open up the firewall to allow traffic to connect.
Goals
- Be able to install and set up MySQL on your own AWS EC2 instance
- Connect to that MySQL server from MySQLWorkbench on your computer
Steps
- Create an EC2 instance running Ubuntu Server. I used Ubuntu Server 24.04 LTS
- Log into the server with SSH
- Install the MySQL server:
When installed, the MySQL server automatically starts itself. If you want to check if the server is running, you can usesudo apt install mysql-server
sudo service mysql status
to check if it is active.
service status
doesn't drop you right back into the terminal (with ubuntu@...), just hit the q
key on your keyboard to quit the status program.Setting up MySQL Server
Allow MySQL to listen for outgoing connections
For security reasons, MySQL server only listens for connections from the localhost computer (127.0.0.1). To connect from outside, you need to bind the MySQL service to other IP addresses:
- On the server (in SSH) open
/etc/mysql/mysql.conf.d/mysqld.cnf
with your favorite text editor (probably needsudo
) - Find the line that says
bind-address = 127.0.0.1
- Change out
127.0.0.1
for0.0.0.0
to allow MySQL to listen to all incoming connections - Save and close the file
- Restart the MySQL service with
sudo service mysql restart
Set up your MySQL user
When MySQL is installed, it automatically creates a user account for your computer's root user. It's generally a bad idea to log in as root all the time, and especially remotely, so we're going to set up a non-root admin user for remote access.
Generally it's not great practice to allow connections to your database from anywhere. These connections should be restricted to specific hosts (IP addresses) to reduce the possibility that your database gets attacked by brute force password attempts. Since this database is just for experimentation, we're going to open it up a little more than we should.
- On the server (in SSH) open MySQL as the root user with
sudo mysql
. - Create a new user with access to your database from anywhere:
CREATE USER 'username'@'%' IDENTIFIED BY 'yourpassword';
. Make sure to sub in your username and password, but leave the'%'
, as that allows connections from anywhere. - Grant the new user privileges on all databases to be able to create and use databases and tables:
GRANT ALL PRIVILEGES on *.* to 'username'@'%';
- Run the following command in the mysql prompt to refresh the privileges:
FLUSH PRIVILEGES;
- To quit the MySQL terminal, type
exit
.
Setting up AWS
Now that you've got a user that can log in, you need to set up AWS to allow MySQL network traffic to get to the server.
- Open the AWS Management Console, navigate to the EC2 section and open your instance information.
- On the bottom half of the page, find the Security section
- Click the Security group ID (it starts with sg-0e12 in the screenshot above)
- Under Inbound rules, click "Edit inbound rules"
- Click "Add Rule" at the bottom of the page to create a new inbound rule.
- On the page that pops up, select "MYSQL/Aurora" for the type, and "Anywhere-IPv4" for the Source
- Click the "Save rules" button
Connect to your database from MySQL Workbench
Now that the server is up and running, and the server is accessible, you can connect to it from anywhere in the world.
- Open MySQL Workbench on your computer
- Create a new connection with the following details:
- Connection Name: whatever you want to call it
- Connection Method: Standard (TCP/IP)
- Hostname: The public IP address of your server
- Port: 3306
- Username: The MySQL user you created
- Password: The password you used (in the
IDENTIFIED BY
part)
- You can click "Test Connection" to make sure you've got all the details correct. Once that works, you can click OK to save the new connection.
Now when you use this MySQL Workbench connection, the database, tables, and records you create will be created on the server.