Apply for or release a public endpoint

ApsaraDB RDS supports two types of endpoints: internal endpoints and public endpoints. By default, you are provided with an internal endpoint that is used to connect to your ApsaraDB RDS for MySQL instance. If you want to connect to your RDS instance over the Internet, you must apply for a public endpoint.

For more information about how to apply for or release public endpoints for RDS instances that run other database engines, see the following topics:

Apply for or release a public endpoint for an ApsaraDB RDS for SQL Server instance
Apply for or release a public endpoint for an ApsaraDB RDS for PostgreSQL instance
Apply for or release a public endpoint for an ApsaraDB RDS for MariaDB instance

Internal and public endpoints

Endpoint type	Description
Internal endpoint	By default, an internal endpoint is provided. You do not need to apply for the internal endpoint. In addition, you cannot release the internal endpoint. However, you can change the network type of your RDS instance. If the Elastic Compute Service (ECS) instance on which your application is deployed resides in the same region and has the same network type as your RDS instance, these instances can communicate over an internal network, and you do not need to apply for a public endpoint. For more information, see Change the network type of an ApsaraDB RDS for PostgreSQL instance. For security and performance purposes, we recommend that you connect to your RDS instance by using the internal endpoint.
Public endpoint	You must manually apply for a public endpoint for your RDS instance. You can release the public endpoint if it is no longer required. If you cannot connect to your RDS instance by using the internal endpoint, you must apply for a public endpoint. You may need to apply for a public endpoint in the following scenarios: Connect to your RDS instance from an ECS instance that resides in a different region or has a different network type than your RDS instance. For more information, see Change the network type of an ApsaraDB RDS for PostgreSQL instance. Connect to your RDS instance from a device outside Alibaba Cloud. Important Currently, you are not charged for applying for a public endpoint. You are also not charged for the traffic that is generated after you use the public endpoint to connect to your RDS instance over the Internet. If you use a public endpoint to connect to an RDS instance, data security is compromised. Proceed with caution. For faster transmission and higher security, we recommend that you migrate your application to an ECS instance that resides in the same region and has the same network type as the RDS instance. This way, you can connect to the RDS instance by using the internal endpoint of the RDS instance.

Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
In the left-side navigation pane, click Database Connection.
Apply for or release a public endpoint.
- If you have not applied for a public endpoint, you can click Apply for Public Endpoint.
- If you have applied for a public endpoint, click Disable Public Endpoint.
In the dialogue box that appears, click OK.
If you add 0.0.0.0/0 to the IP whitelist of your RDS instance, the instance can be accessed by all IP addresses, which may result in security risks. Therefore, configure your whitelist again after the test is complete.
If you want to connect to the RDS instance through the Internet, run the curl ipinfo.io/ip command to query the public IP address of the local client and add it to the IP whitelist of the RDS instance. For more information, see Configure an IP address whitelist.
Note
If your RDS instance uses RDS Cluster Edition, you can apply for or release a public endpoint in the Instance Topology Management section of the Basic Information page.

FAQs

Am I charged for the use of a public endpoint?
Currently, you are not charged for the inbound or outbound Internet traffic that you consume for your RDS instances. Alibaba Cloud does not impose bandwidth limits on RDS instances.
Can I change the endpoints and port numbers of my RDS instance?
You can change the prefix and port number of the endpoint. For more information, see View and manage instance endpoints and ports.
Can I configure the endpoints of my RDS instance to static IP addresses?
No, you cannot configure the endpoints of your RDS instance to static IP addresses. Both primary/secondary switchovers and specification changes may cause changes to the IP addresses. We recommend that you connect to your RDS instance by using an endpoint. This allows you to minimize the impact on your workloads and eliminates the need to modify the configuration data on your application.
How do I connect to my RDS instance by using a public endpoint?
For more information, see Use a client or the CLI to connect to an ApsaraDB RDS for MySQL instance.
Does the public endpoint change if I repeatedly apply for the public endpoint for my RDS instance?
No, the public endpoint does not change even if you repeatedly apply for the public endpoint for your RDS instance. After you release the public endpoint and apply for a public endpoint for your RDS instance again, the new public endpoint is the same as the released public endpoint.

Related operations

Operation	Description
AllocateInstancePublicConnection	Applies for a public endpoint for an instance.
ReleaseInstancePublicConnection	Releases the public endpoint of an instance.