If you’re building applications on AWS, you often need to connect your EC2 instance (which hosts your app or website) to an Amazon RDS database for data storage. AWS makes this connection easy with an automatic connection feature that configures the necessary security settings for you.
In this tutorial, I’ll walk you through how to automatically connect an EC2 instance to an RDS database using the AWS Management Console.
Why Use the Automatic Connection Feature?
When connecting EC2 to RDS manually, you have to configure security groups to allow communication between them. This can be tricky and error-prone.
The automatic connection feature takes care of:
-
Creating security groups for your EC2 instance and RDS database
-
Setting up inbound/outbound rules that allow traffic only between the two
-
Ensuring least privilege security
This lets you focus on building your application without worrying about network configuration details.
Prerequisites
-
AWS account with permission to create EC2 and RDS resources
-
Basic familiarity with AWS Management Console
-
EC2 instance and RDS database in the same AWS Region and same VPC
Option 1: Automatically Connect EC2 to RDS Using the EC2 Console
Step 1: Launch an EC2 Instance
-
Open the EC2 Console in AWS.
-
Click Launch Instances.
-
Select your preferred AMI (e.g., Ubuntu Server).
-
Choose instance type (e.g., t2.micro for free tier).
-
Configure instance details — make sure to launch the instance in your desired VPC.
-
Add storage and tags as needed.
-
In Configure security group:
-
You can create a new security group or select an existing one.
-
Don’t worry about database access yet; this will be handled automatically.
-
-
Launch your instance.
Step 2: Create or Identify an RDS Database
-
Open the RDS Console.
-
Click Databases > Create database.
-
Choose MySQL or any database engine you prefer.
-
Choose Standard create and fill in the necessary fields.
-
Important: Choose the same VPC as your EC2 instance.
-
Complete other settings and create the database.
Step 3: Automatically Connect the EC2 Instance to RDS
-
Go back to the EC2 Console.
-
Select your EC2 instance.
-
In the Actions dropdown, choose Connect to database.
-
Select your RDS database from the list.
-
AWS will automatically:
-
Create and assign two security groups:
-
One for the EC2 instance (outbound rule to RDS security group).
-
One for the RDS database (inbound rule from EC2 security group).
-
-
Configure the security group rules to allow traffic on the database port (usually 3306 for MySQL).
-
-
You will see a confirmation once this setup completes.
Option 2: Automatically Connect EC2 to RDS Using the RDS Console
Alternatively, you can do the automatic connection starting from the RDS Console.
-
Open the RDS Console.
-
Select your database.
-
Click the Actions dropdown.
-
Choose Connect to instance.
-
Select your EC2 instance.
-
AWS will automatically create the security groups and configure access rules just like in Option 1.
How It Works Under the Hood
-
Two security groups are created:
-
EC2 security group with outbound access to the RDS security group.
-
RDS security group with inbound access from the EC2 security group.
-
-
This separation allows better security management and least privilege access.
-
EC2 can now securely communicate with RDS on the database port (e.g., 3306).
What’s Next?
-
Connect to your EC2 instance and test the database connection using your database client or application.
-
Use the RDS database endpoint and credentials in your app’s configuration.
-
If you’re running a WordPress site, for example, you would enter the RDS endpoint and DB credentials during setup.
Summary
Automatically connecting your EC2 instance to your RDS database via the AWS Management Console:
-
Saves time and reduces mistakes configuring security groups
-
Ensures secure, least-privileged communication between resources
-
Makes your AWS architecture cleaner and easier to manage
Leave a Reply