How do I resolve issues with an Amazon RDS database that is in an incompatible-network state?

Last updated: 2019-04-19

My Amazon Relational Database Service (Amazon RDS) instance is in an incompatible-network state. What does this mean, and how can I fix it?

Short Description

An incompatible-network state indicates one or more of the following is true of the Amazon RDS instance:

  • There are no available IP addresses in the subnet into which the RDS DB instance was launched.
  • The subnet mentioned in the Amazon RDS DB subnet group no longer exists in the Amazon Virtual Private Cloud (Amazon VPC).
  • The Amazon RDS instance is publicly accessible, but the DNS hostnames and the DNS resolution options are disabled. Both options must be enabled for an RDS instance to be publicly accessible.
  • You reached your service limit for Elastic Network Interfaces in the AWS Region that you’re using, and need to request a service limit increase.
  • The original elastic network interface of the DB instance was deleted while the instance was stopped. When the DB instance was restarted, the elastic network interface wasn't found.

The incompatible-network state of your instance could be the result of performing one of the following actions:

  • Modifying the instance’s class.
  • Modifying the instance to use a Multi-AZ deployment.
  • Replacing a host due to a maintenance event.
  • Launching a replacement DB instance.
  • Creating a new DB instance after the limit for the elastic network interfaces has been reached.
  • Restoring from a snapshot backup.
  • Starting an RDS DB instance that was stopped.

For more details about why your instance is in an incompatible-network state, see Viewing Amazon RDS Events.


The incompatible-network state means that the instance might still be accessible at the database level, but you won’t be able to modify or reboot the instance. For this reason, it's a best practice to always have a backup (snapshot or logical) to be sure that you can restore the data to another instance, in case your instance enters an incompatible-network state.

  1. Open the Amazon RDS console, and then choose Databases from the navigation pane.
  2. Choose the DB instance that is in an incompatible-network state, and then note the VPC ID and subnet IDs from the Connectivity & Security pane.
  3. Open the Amazon VPC console, and then choose Your VPCs from the navigation pane.
  4. Select the VPC that you noted previously, choose Actions, and then choose Edit DNS hostnames. If DNS hostnames is not enabled, check the box for enable.
  5. From Your VPCs, select the VPC that you noted previously, choose Actions, and then choose Edit DNS resolution. If the DNS resolution is not enabled, check the box for enable.
  6. Choose Subnets from the navigation pane, and then confirm that all subnets noted previously from the DB instance details section are listed and have available IP addresses.
  7. Open the Amazon Elastic Compute Cloud (Amazon EC2) console, and then confirm that you haven't reached the limit for elastic network interfaces. Request a service limit increase if needed.
    Note: The limit for network interfaces per AWS Region is 350 by default, or the limit is your on-demand DB instance limit multiplied by five, whichever is greater. For more information, see Network Interfaces.

To fix an instance that is already in an incompatible-network state, and if you previously enabled automated backups for your instance, temporarily stop any writes to the database, and then perform a point-in-time recovery (PITR).

If you didn't already enable automated backups, create a new instance and migrate the data by using your preferred backup and restore tool (for example, mysqldump, pg_dump, expdp / impdp), or by using AWS Database Migration Service (AWS DMS)

Important: After an instance enters an incompatible-network state, the instance might not be accessible at the DB level to perform a logical backup.