I set up an auto scaling group on EC2 along with an RDS Postgres instance. I am not using ELB. Maybe I should be...
The challenge is that every time a new EC2 instance is created, it is assigned a unique public IP address. This means that a new inbound rule needs to be applied to the security group for RDS that allows this new EC2 instance to connect to RDS via port 5432 (PostgreSQL).
I also run into a Route 53 issue since the new IP address needs to be added to the DNS "A Record" in order to properly resolve the URL.
Is there a way to set up AWS to do this for me, or do I need to write some Python code using boto?
Rather than using public IPs for your security group rules, I suggest using private IPs. Run both EC2 and RDS in the same VPC, then allow the entire VPC subnet IP range containing your EC2 instances in your security group rules for RDS.
You basically have 3 options:
Don't individually add each EC2 instance's IP address to your inbound security group. Instead allow inbound traffic from the security group of the EC2 instances. Then any EC2 instance which uses that security group will be permitted access from the same rule.
Generally speaking, auto-scaling groups are best used behind Elastic Load Balancers if outside access is required. This is because auto-scaling groups are usually used when instances need to start and stop dynamically based on load or other metrics. When a client connects to your group, normally, it shouldn't care which one it actually is connecting to. By assigning individual IP addresses to each instance, the outside world needs to keep track of all these instances.
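The security-group-reference approach from the answers above, as an added example that is not code from any of the posters: it audits an RDS security group for port 5432 rules that point at addresses outside the VPC and builds the single rule that admits the Auto Scaling group's instances by security group instead. The group IDs, the VPC CIDR and the sample rules are constructed; the dictionaries follow the shape boto3 uses for `describe_security_groups` and `authorize_security_group_ingress`.

```python
import ipaddress

PG_PORT = 5432

def covers_port(perm, port):
    """True if an IpPermissions entry applies to TCP `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "-1" means all protocols and ports
        return True
    return proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def sg_reference_rule(app_sg_id, port=PG_PORT):
    """Ingress rule admitting every instance that carries app_sg_id."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "UserIdGroupPairs": [{"GroupId": app_sg_id}]}

def plan_db_ingress(db_group, app_sg_id, vpc_cidr, port=PG_PORT):
    """Compare the DB group's rules with the desired state.

    Returns CIDRs outside the VPC that still reach `port` (per-instance public
    IPs, 0.0.0.0/0) and the rule to authorize if the SG reference is missing.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    revoke, referenced = [], False
    for perm in db_group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if not net.subnet_of(vpc):
                revoke.append(rng["CidrIp"])
        if any(p.get("GroupId") == app_sg_id
               for p in perm.get("UserIdGroupPairs", [])):
            referenced = True
    authorize = None if referenced else sg_reference_rule(app_sg_id, port)
    return {"revoke_cidrs": revoke, "authorize": authorize}

# Constructed sample in the shape returned by describe_security_groups.
APP_SG = "sg-0aaaaaaaaaaaaaaaa"            # hypothetical ASG instance group
SAMPLE_DB_GROUP = {
    "GroupId": "sg-0bbbbbbbbbbbbbbbb",     # hypothetical RDS group
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}, {"CidrIp": "10.0.1.0/24"}],
         "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    ],
}

if __name__ == "__main__":
    print(plan_db_ingress(SAMPLE_DB_GROUP, APP_SG, "10.0.0.0/16"))
```

The `authorize` entry is one element of the `IpPermissions` list that boto3's `authorize_security_group_ingress` accepts; once it is in place, instances launched by the Auto Scaling group need no further rule changes as long as they carry the application security group.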