DEV Community

leroykayanda
leroykayanda

Posted on

Connecting to a private AWS RDS DB using SSM

Setup a small EC2 instance in a private subnet. Set up IAM roles to ensure it can be accessed via SSM. Ensure its security group allows outbound access to RDS.

Install the session manager plugin.

Run this command to open up a tunnel from your PC to RDS.

aws ssm start-session \
--target i-xxxx \
--document-name AWS-StartPortForwardingSessionToRemoteHost \
--parameters host="db-endpoint",portNumber="5432",localPortNumber="5432"
Enter fullscreen mode Exit fullscreen mode

i-xxxx is your bastion. You can now connect to the DB using 127.0.0.1 as the endpoint and 5432 as the port. Example using Psql

psql -h 127.0.0.1 -p 5432 -U db_user -d db_name
Enter fullscreen mode Exit fullscreen mode

This will also work using PgAdmin.

See also Connect to AWS RDS using IAM credentials

Top comments (0)