Tech note: Connecting to an Amazon RDS database from a legacy EC2 server

Amazon’s Relational Database Service (RDS) is an excellent way to host databases. The service is affordable, low-maintenance, and self-contained. If you use the Amazon cloud, there are precious few reasons to maintain your own database server.

At some point, Amazon started requiring RDS instances to use Virtual Private Cloud (VPC) networking. However, if you’re like the NPR Visuals team, you might have older Amazon Elastic Cloud Compute (EC2) server instances that don’t use VPC but need to connect to RDS databases. Even if you don’t, you might need to connect to your RDS instance locally.

As is often the case with Amazon, it’s not entirely clear how to configure the correct security rules to allow access from outside the VPC. Here’s what worked for us.

During creation, make sure your RDS instance is publicly accessible. This setting cannot be edited later.

Make your RDS instance publicly accessible

For the security group setting, either option will suffice, though creating a new security group will help isolate the network access rules for this database instance.

Once created, click on the security group from the instance details:

Click the security group link

A new tab or window will open with the security group selected. Click the “Inbound” tab in the lower window pane, then click the “Edit” button to add rules to allow the IP addresses you want to access the RDS instance

Click inbound tab, then click edit

Now you can configure the inbound rules in the modal that opens:

Edit inbound rules in the modal

I found a lot of places in the VPC interface to set inbound rules, but only the security group rules actually worked to allow local machines and non-VPC EC2 instances access to the RDS database.

If you know a better way to handle this, let us know in the comments!

Never miss a gig

Join the Visuals Gigs mailing list to get an email when we post internships and full-time jobs.

Your membership will be kept confidential.


Book Concierge 2019

The Book Concierge is back with 350+ great reads, hand-picked by NPR staff and trusted critics.


After The Water

When a flash flood ripped through Old Ellicott City in Maryland, residents thought it was a freak occurrence. Instead, it was a hint about the future. And adapting to that future has been painful.


A command-line tool to get election results from the Associated Press Election API v2.0. Elex is designed to be friendly, fast and agnostic to your language/database choices.


A JavaScript library for responsive iframes.


On The Team Blog