How to Connect a Remote Database on AWS RDS
Before You Start
You need an existing AWS RDS instance running MySQL or PostgreSQL. If you do not have one yet, you can create one in the AWS Console under the RDS service. For testing and small workloads, the db.t3.micro instance type is eligible for the AWS Free Tier and costs about $15-25/month after the free period.
You also need access to the AWS Console to modify the security group attached to your RDS instance. This is required to allow the platform's servers to connect to your database.
Step-by-Step Connection
In the AWS Console, go to RDS and click on your database instance. The endpoint is listed under Connectivity and Security. It looks like
mydb.abc123xyz.us-east-1.rds.amazonaws.com. Copy this URL, you will need it for the connection settings. Also note the port (3306 for MySQL, 5432 for PostgreSQL).
Your RDS instance has a security group that controls which IP addresses can connect. Click on the security group link in the RDS console, then edit the inbound rules. Add a new rule: Type = MySQL/Aurora (or PostgreSQL), Protocol = TCP, Port = 3306 (or 5432), Source = the IP address of the AI platform. If you do not know the platform's IP, you can temporarily use 0.0.0.0/0 for testing, but restrict it to specific IPs before production use.
Check that your RDS instance has "Publicly accessible" set to Yes. This is in the Connectivity section of the instance settings. If it is set to No, the instance only accepts connections from within the same VPC, and external services like the AI platform cannot reach it. You can modify this setting and it takes a few minutes to apply.
In your admin panel, open the MySQL or PostgreSQL app settings. Enter the RDS endpoint as the host, the port number, your database name, the master username (or a dedicated user you created), and the password. Click Test Connection to verify.
For better security, create a dedicated database user for the AI connection instead of using the master credentials. Connect to your RDS instance with a MySQL or PostgreSQL client and create a new user with only the permissions needed. See How to Secure Your Database Connection for the exact SQL commands.
Troubleshooting RDS Connections
Connection Timeout
If the connection test times out, the most likely cause is the security group. Double-check that the inbound rule allows traffic on the correct port from the correct IP address. Also verify that "Publicly accessible" is enabled on the RDS instance.
Authentication Failed
If the connection reaches the server but authentication fails, verify the username and password. RDS master passwords are case-sensitive. If you reset the password in the AWS Console, make sure to update it in the platform's connection settings as well.
SSL Required
Some RDS instances are configured to require SSL connections. The platform supports SSL automatically for RDS connections. If you see an SSL-related error, check the connection settings for SSL options and ensure they are enabled.
Database Not Found
If the connection succeeds but the database is not found, verify the database name. RDS instances can contain multiple databases. The default database created with the instance might have a different name than what you entered. Check the RDS console or connect with a client to list available databases.
Using Read Replicas
If you have an RDS read replica, consider connecting the AI platform to the replica instead of the primary instance. This isolates AI query load from your application's database traffic and eliminates any risk of accidental write operations affecting production data. Read replicas have their own endpoint URL that you use in the connection settings.
Connect your AWS RDS database to AI and start querying your data in plain English.
Get Started Free