ApsaraDB RDS:Common whitelist use cases and issues

Only the default IP address 127.0.0.1 is in the whitelist

The default whitelist contains only 127.0.0.1, which blocks all external access. Add the IP addresses of the devices that need to connect to your instance.

0.0.0.0 was added instead of 0.0.0.0/0

0.0.0.0 is not a valid CIDR block. To allow all IP addresses, add 0.0.0.0/0 instead.

Public IP addresses in the whitelist are not reachable

This error usually has one of two causes:

• Dynamic IP addresses: Your internet service provider (ISP) assigns your connection a dynamic IP that changes periodically. The address you added may no longer be valid.

• Inaccurate IP lookup tools: The tool or website you used to find your public IP may have returned an incorrect result.

For more information, see Why am I unable to connect to my ApsaraDB RDS for MySQL or ApsaraDB RDS for MariaDB instance from a local server over the Internet?

IP addresses added to an enhanced whitelist are not working

In enhanced whitelist mode, ApsaraDB RDS distinguishes between the classic network and virtual private clouds (VPCs). An IP address added to a VPC-type whitelist applies only to VPC connections — it does not apply to classic network connections, and vice versa.

Add the IP address to the whitelist whose network type matches the network your client is using.

Can I use both IP address whitelists and security groups?

Yes. When both are configured, access is granted to all IP addresses in the whitelists and all Elastic Compute Service (ECS) instances in the security groups.

What are the ali_dms_group and hdm_security_ips whitelists?

When you connect to your instance from Data Management (DMS)DAS or Database Autonomy Service (DAS), the system automatically creates dedicated whitelists upon your authorization:

• ali_dms_group — created for DMS

• hdm_security_ips — created for DAS

Do not modify or delete these whitelists. If you do, DMS and DAS lose access to your instance. Neither service performs operations on your business data.