检查以下内容:

数据库可公开访问:在数据库所在的 VPC 外部进行连接，更具体地说是通过 Internet 访问，需要将数据库配置为公共可访问性.你说的已经完成了.由于您有内部 IP，而数据库没有公共 IP，因此这不是真正必需的.

Database is publicly accessible: Connecting outside the VPC that the database resides, more specifically accessed over the internet, requires that the database is configured for Public Accessibility. Which you said is already done. As you have an internal IP, and the database does not have a public IP, this is not really required.

基本配置:检查数据库名称和端口是否设置正确，我相信你已经完成了.

Basic Configuration: Check that the database name, and port is set correctly, which I am sure you have done.

安全组入站规则:这很可能是这种情况，数据库将有一个或多个 安全组.确保安全组配置为允许从您的案例中的客户端进行入站访问:192.168.66.1

Security Group Inbound Rules: This is most likely the case, the database will have one or more security groups. Ensure that the security group is configured to allow inbound access from the client in your case: 192.168.66.1

确认客户端的IP地址:192.168.66.1 是容器的奇怪 IP，VPC 子网的前 4 个 IP 地址是 保留.

Confirm the IP address of the client: 192.168.66.1 is a strange IP for the container, the first 4 IP Addresses of a VPC Subnet are reserved.

确认网络路由:确认包含客户端的 VPC 可以连接到数据库.当客户端在 docker 容器中运行时，请确保容器可以访问数据库.简单的方法是在数据库子网中的 EC2 实例上启用 ICMP 数据包，并检查您是否可以 Ping 或使用 VPC 路由 分析器.

Confirm the network routing: Confirm that the VPC that contains the client can connect to the database. As the client is running within a docker container ensure that the container can access the database. Easy way to do this is enable ICMP packets on an EC2 instance in the database subnet, and check you can Ping it or use the VPC route analyser.

检查数据库用户权限:数据库用户可以连接任何地址而不是 localhost一>.

Check the database user rights: Can the database user connect for any address not localhost.

VPC 的安全性:检查两个子网的 ACL入站和出站

Security on the VPC: Check the ACLs of the subnets for both inbound and outbound

更新:这是来自 AWS 的链接:故障排除用于亚马逊 RDS.

UPDATE: Here is a link from AWS: Troubleshooting for Amazon RDS.