Error connecting to Postgres database on RDS due to missing pg_hba.conf entry

Slack Knowledge Base Q&A Connector Questions
, , , ,
1

Summary

The error indicates a missing pg_hba.conf entry for the host’s IP address in the Postgres configuration. This is causing a fatal error due to no encryption.


Question

We are getting an error connecting to a Postgres database hosted on RDS.
Caused by: org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry for host "{our EC2's IP address}", user "xxx", database "xxx", no encryption


This topic has been created from a Slack thread to give it more visibility.
It will be on Read-Only mode here. Click here if you want
to access the original thread.

Join the conversation on Slack

["error", "connecting", "postgres-database", "rds", "pg-hba-conf", "encryption"]
2

<@U0759B9026S> Your problem is most likely a little different, as the one described above has to do with an Airbyte source for Postgres, versus Airbyte itself connecting to its own database. I would search the existing threads first, and then post a new one with details if you aren’t seeing an answer to your specific issue.

3

Do we need to add the IP address of our Airbyte instance to Postgres some how? We don’t have access to the pg_hba.conf file since this is hosted in RDS.

4

It looks like you aren’t using encryption (see the no encryption part of that message), but SSL is required on RDS Postgres 15+. So I’d first try just changing SSL Modes to require in Airbyte and see if it will let you connect. (Note that other options like verify-ca or verify-full can by tricky with RDS, since you have to have their regional CA bundle locally for those and that gets messy with how the worker containers are spun up.)

So start there. Note that you can do IP restrictions using Security Groups, but this happens outside of Postgres (so I would expect the symptom of that would be a timeout or refused connection, not the message you got).

It is also possible to disable the rds.force_ssl option creating/enabling a new Parameter Group (since the default one is read-only), although I would HIGHLY discourage disabling encryption in a production environment.

5

<@U035912NS77> yes, adding the SSL Mode to require did it. Thank you so much for your suggestion.
:slightly_smiling_face:

6

<@U04P92HCXPF> Nice—happy syncing!

7

Oh I have this problem when install using abctl.

8

> just changing SSL Modes to require in Airbyte and see if it will let you connect.
<@U035912NS77> could you please tell me how to do this? I’m installing using abctl and facing same error when connecting to postgres 15.5.
Thank you.

9

<@U0759B9026S> This is on the settings screen when configuring the Source: