All Products
Search

This Product

    AnalyticDB:Resolve instance connection issues

    Document Center

    AnalyticDB:Resolve instance connection issues

    Last Updated:Mar 30, 2026

    Connection failures when connecting to an AnalyticDB for PostgreSQL instance from a client are almost always caused by one of two things: the client IP address is a local area network (LAN) IP that the instance cannot reach, or the client IP is not in the instance's IP address whitelist.

    The following steps walk you through adding a temporary open rule to identify your client's actual IP address, then locking it down.

    Prerequisites

    Before you begin, ensure that you have:

    Find and allowlist your client IP address

    Step 1: Temporarily allow all IP addresses

    1. Log on to the AnalyticDB for PostgreSQL console.

    2. In the upper-left corner, select the region where the instance resides.

    3. Click the instance ID. The Basic Information page appears.

    4. In the left-side navigation pane, click Security Controls.

    5. On the Whitelist Settings tab, click Modify next to the default IP address whitelist. The Modify Whitelist panel appears.

    6. In the IP Addresses field, delete 127.0.0.1 and enter 0.0.0.0/0.

    7. Click OK.

    0.0.0.0/0 allows all IP addresses to access the instance. This may raise security risks. Remove it after you identify your client IP address.

    Step 2: Connect to the instance using psql

    Run the following command to connect:

    psql -h yourgpdbaddress.gpdb.rds.aliyuncs.com -p 3432 -d postgres -U gpdbaccount
    Parameter Description
    -h Host (endpoint of the instance)
    -p Port used to connect to the database
    -d Database name. The default value is postgres.
    -U Account used to connect to the database

    Run psql --help to see all available options, or \? for commands available inside psql.

    Step 3: Query your client IP address

    After connecting, run the following query in the SQL command line window:

    select * from pg_stat_activity;

    The CLIENT_ADDR column in the results shows your client's IP address.

    2021030102

    Step 4: Replace the open rule with your client IP

    1. In the Security Controls page, open the default IP address whitelist and click Modify.

    2. Delete 0.0.0.0/0 and enter the IP address from the CLIENT_ADDR field.

    3. Click OK.

    Your client can now connect to the instance with a properly scoped whitelist entry.