Amazon – AWS – Free Tier – RDS – Create Instance


Create Instance

Launch a DB Instance

We access our region specific RDS Dashboard ( )

DB Instances Exists

If DB Instances exists, the count of DB Instances will be listed besides the “DB Instances” item.



DB Instances Do Not Exist

If DB Instances do not exist.


  1. Region Specific





Select an engine


Here is the initial screen for choosing the DB Engine.

We can see that the default is Amazon Aurora.



SQL Server

Once we select SQL Server, we can see the editions of SQL Servers available – Express, Web, Standard, and Enterprise.

SelectEngineSQLServer (Express-Web--StandardEdition--EnterpriseEdition)


SQL Server Express

Again, we go the free route.

And, so we will choose “Microsoft SQL Server Express Edition”.

Specify DB Details




Constrain to Free Tier – Off

When we do not have free tier checked here is our screen.



  1. db.t2.micro – 1 vpc, 1 Gib RAM
  2. db.t2.micro – 1 vpc, 0.613 Gib RAM


Constrain to Free Tier – On

When we have free tier checked here is our screen.


  1. A single db.t2.micro instance
  2. 20 GB of storage
  1. Allows new AWS customers to gain hands-on experience with Amazon RDS
DB Instance Class
  1. db.t2.micro – 1 vpc, 1 Gib RAM
  2. db.t2.micro – 1 vpc, 0.613 Gib RAM






  1. DB Engine :- sqlserver-ex
  2. License Model :- license-included
  3. DB Engine Version :- 12.00.4422.0.v1
  4. DB Instance Class :- db.t1.micro — 1 vCPU, 1 GiB RAM
  5. Storage Type :- Magnetic
  6. Allocated Storage :- 20 GB
  7. Storage Type :- Magnetic
  8. Allocated Storage :- 20 GB
  9. DB Instance Identifier :- adriel
  10. Master username :- sa
  11. Master Password :- xxxx
  12. Confirm Password :- xxxx

Btw, the name adriel means “flock of God“; as seen here


Configure Advanced Settings



Configure Advanced Settings – Network & Security

ConfigureAdvancedSettings - Network & Security


Configure Advanced Settings – Microsoft SQL Server Windows Authentication

ConfigureAdvancedSettings - Microsoft SQL Server Windows Authentication


Configure Advanced Settings – Database Options

ConfigureAdvancedSettings - Database Options

Configure Advanced Settings – Backup

ConfigureAdvancedSettings - Backup


Configure Advanced Settings – Monitoring

ConfigureAdvancedSettings - Monitoring

Configure Advanced Settings – Maintenance

ConfigureAdvancedSettings - Maintenance



Your DB Instance Is Being Created


We are told that our “Database Instance is being created“….

And, assigned a couple of follow up items.  And, those are:

  1. Configure Security group
  2. Consider Amazon Elasticache
    • Memcached
    • Redis-compatible in-memory cache


Review Database Instance Creation Progress


  1. Region Specific URL


Status – Creating



  1. Engine :- SQL Server Express
  2. DB Instance :- adriel
  3. Status
    • Creating
    • backing-up
  4. Class :- db.t2.micro
  5. VPC :- vpc-75d97a11
  6. Multi-AZ :- N/A
  7. Replication Role
  8. Encrypted :- No

Status – Backing-up



Status – available




VPC Dashboard

VPC Resources

Here are our currently assigned VPC Resources



VPC Resources

Here is a current list of VPC Resources


Which one is our SQL Server Instance using?

Here is one way to determine our DB Instance’s VPC:

  1. Access RDS Dashboard


DB Instance



VPC Resource – VPC Selected



  1. VPC ID :- vpc-75d97a11
  2. State :- available
  3. VPC CIDR :-
  4. Route Table :- rtb-8ba921ef
  5. Network ACL :- acl-2b06b44f



There are a couple of choices for guiding our DB Instance availability.

Those choices are Network ACLs and Network Groups.

Security Groups


  1. Region Specific


Here are the Network Groups that are currently assigned to us:




Which Security Groups?

Which security groups are relevant to our VPC

  1. VPC
    • We know that our VPC is vpc-75d97a11
      • And, so we will ignore Group ID sg-a95d78ce, at this time
      • And, focus on sg-32fbc955 ( default ) and sg-07fbc960 ( rds-launch-wizard )

Took to the Net and found

What are the default security groups created when I set up AWS EB for the first time?


Here is Scuba Dev’s response

  1. rds-launch-web
    • When you manually launch an EC2 VM from the web console, AWS will provide you with the option of reusing an existing security group or creating a new one.
    • When you create a new one, the default rule is SSH (port 22) and a default security group name of “launch-wizard-#“.
  2. default

It looks like either will do.

Out of curiosity let us dig deeper, by clicking on each security group and reviewing its present construct.

VPC Security Group – default



VPC Security Group – RDS Launch Wizard



Group Name Group ID Type Product Port Range Source
Default sg-32fbc955
 All Traffic  ALL  ALL  sg-32fbc955
rds-launch-wizard  sg-07fbc960
 MS SQL (1433)  TCP (6)  1433




  1. Default
    • The default group is wide open
  2. RDS Launch Wizard
    • Type = MS SQL Server (1433)
    • Product = TCP (6)
    • Port Range = 1433
    • Source = / 32
      • Because the subnet is 32, the range is the lone host ( )

Specificity is good here and so we will choose the “RDC Launch Wizard”

Security Groups – RDC Launch Wizard

Expand to Self

Get Public IP Address

Authorizing Access to an instance
Decide who requires access to your instance; for example, a single host or a specific network that you trust. In this case, we use your local system’s public IP address. You can get the public IP address of your local computer using a service. For example, we provide the following service: To locate another service that provides your IP address, use the search phrase “what is my IP address”. If you are connecting through an ISP or from behind your firewall without a static IP address, you need to find out the range of IP addresses used by client computers.

When we access, we received


As suggested, you can simply google same, what is my ip address ( ).


Review & Add Public IP Address

Let us expand our IP Addresses by adding our public IP Address

Here are the currently listed IP Addresses




Only now did I notice that our public listed IP Address is the one auto-added, in the first place.



Review DB Instance




  1. Endpoint: adriel.[xxxxx]
  2. DB Instance: adriel
  3. Status : available
  4. Connection Information
    • Publicly Accessible : No
    • Master Username: sa
    • Security Group Rules
      • Security Group
        • rds-launch-wizard
          • Type :- CIDR-IP – bound
          • Rule  :-



SQL Server Management Studio

Connect to DB Instance



Error Messages






A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 25 - Connection string is not valid) (.Net SqlClient Data Provider)

Error Number: 87
Severity: 20
State: 0


VPC Security

Allow all hosts

Add All Source

AllIPAddresses - Edit

Review Sources

AllIPAddresses - Completed





Connection Information




Make Publicly Available


Let us make publicly available via CLI



aws rds modify-db-instance --db-instance-identifier [instance-identifier] --publicly-accessible --apply-immediately


aws rds modify-db-instance --db-instance-identifier adriel --publicly-accessible --apply-immediately





Access DB Instance Modify Panel

We can modify the DB instance by doing the following

  1. Access RDS Dashboard
  2. Select the DB Instance
  3. Click on the Instance Actions button
  4. From the drop-down menu, select the Modify option




Modify DB Instance




Review RDS Dashboard – Instance – Connection Information

Same confirmed via RDS Dashboard – Connection Information …



SQL Server Management Studio





We were successfully able to create a new DB Instance.

We accessed the Virtual Private Cloud (VPC) panels to expand the IP Addresses that are allowed access to our DB.

But, unfortunately none of our attempts succeeded.

We thus reverted to making the DB Instance itself publicly available.



AWS – Official

  1. Creating a SQL Server DB Instance and Connecting to a Database on a SQL Server DB Instance
  2. AWS Documentation » Amazon Relational Database Service (RDS) » User Guide » Virtual Private Clouds (VPCs) and Amazon RDS » Scenarios for Accessing a DB Instance in a VPC
  3. AWS Documentation » Amazon Relational Database Service (RDS) » User Guide » MySQL on Amazon RDS » Modifying a DB Instance Running the MySQL Database Engine
  4. AWS Documentation » Amazon Relational Database Service (RDS) » User Guide » Amazon RDS DB Instance Lifecycle » Modifying a DB Instance and Using the Apply Immediately Parameter
  5. AWS Documentation » Amazon Relational Database Service (RDS) » User Guide » Virtual Private Clouds (VPCs) and Amazon RDS » Working with an Amazon RDS DB Instance in a VPC
  6. AWS Documentation » Amazon Relational Database Service (RDS) » User Guide » Amazon RDS DB Instance Lifecycle » Renaming a DB Instance
  7. AWS Documentation » Amazon Virtual Private Cloud » Getting Started Guide » Getting Started with Amazon VPC » Step 2: Create a Security Group
  8. Authorizing Inbound Traffic for Your Linux Instances



  1. Modify DB Instance


Network CIDR

  1. Setting CIDR/IP so anyone can access it from any IP?


Sample Implementation

  1. MySQL
  2. Apache
  3. MS SQL Server


  1. What are the default security groups created when I set up AWS EB for the first time?



  1. AWS Cloud – Network Security and Access Control in AWS

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s