How PuTTY Is Used to Establish a Secure Connection from a Windows EC2 Instance to an RDS Database


Amazon Web Services (AWS) offers a versatile set of tools for building and managing scalable infrastructure. A secure connection between a Windows EC2 instance and an Amazon RDS (Relational Database Service) database is a must for data-driven applications. PuTTY, a reliable SSH and telnet client for Windows, is essential in establishing a secure connection by constructing an encrypted tunnel between the EC2 instance and the RDS database.


 

Ensure Secure Communication


Establishing a secure connection is essential for protecting sensitive data during transit. PuTTY creates an SSH tunnel that encrypts the communication route between the Windows EC2 instance and the RDS database, adding another layer of protection to data exchanges.


 

Prerequisite:


Ensure you have both a Windows EC2 instance and an Amazon RDS database set up in your AWS account.

 

Download PuTTY:


Download and install PuTTY on your Windows system if you don't already have it.


Identify RDS Endpoint: 


Obtain the endpoint of your RDS database from the RDS Dashboard in the AWS Management Console.


Generate a Key Pair:


AWS generates the key pair for authentication. The private key is in .pem format, which PuTTY does not accept, so PuTTYgen is used to convert the .pem private key to .ppk format.

 

Configure PuTTY:


Open the PuTTY configuration window and enter the IP address and Public DNS of the AWS instance in the Host Name section.


On the left side, navigate to Connection>SSH>Auth.


Double-click the Auth section and select the Credentials option. Then click Browse and open the saved private key that was converted to .ppk format.

Create SSH Tunnel:


In the PuTTY configuration window:


On the left panel, navigate to Connection>SSH>Auth>Tunnels.


Enter the source port (for example, 3306) and the destination (RDS endpoint and port, for example, rdsendpoint:965).


Select the Local option, then click Add.

 

Establish the connection:


Return to the Session category, enter a name in the Saved Sessions section, then click Save to save it for later use.

Click Open to establish the PuTTY session.

 

EC2 Database Connection:


With the PuTTY session open, the SSH tunnel is established. You can now connect to the RDS database from the EC2 instance as if it were a local database.
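
The same tunnel started from PowerShell with plink (PuTTY's command-line tool), followed by a check that the forwarded port listens on loopback only. This is an added example, not part of the original post; the install path, key file, host names and ports are placeholder assumptions.

```powershell
# Added example. Every value below is a placeholder or assumption, not taken from the post.
$Plink     = 'C:\Program Files\PuTTY\plink.exe'  # assumed default PuTTY install path
$KeyFile   = 'C:\keys\my-key.ppk'                 # placeholder: key converted with PuTTYgen
$SshHost   = 'ec2-user@ec2-host.example.com'      # placeholder: user and Public DNS
$RdsTarget = 'rdsendpoint.example.com:3306'       # placeholder: RDS endpoint and port
$LocalPort = 3306                                 # "Source port" in the Tunnels panel

# Bind the forwarded port to 127.0.0.1 explicitly so only this machine can use the tunnel.
# -batch disables prompts, so plink aborts on a host key that is not already cached
# (verify and accept it once in the PuTTY GUI). -N opens no remote shell, only the forward.
# If the key has a passphrase, load it into Pageant first; -batch cannot ask for it.
$plinkArgs = @('-ssh', '-batch', '-N', '-i', "`"$KeyFile`"",
               '-L', "127.0.0.1:${LocalPort}:${RdsTarget}", $SshHost)
$proc = Start-Process -FilePath $Plink -ArgumentList $plinkArgs -PassThru -WindowStyle Hidden

# Wait up to 10 seconds for plink (and only plink) to open the local listener.
$listener = $null
foreach ($i in 1..10) {
    Start-Sleep -Seconds 1
    if ($proc.HasExited) { break }
    $listener = Get-NetTCPConnection -LocalPort $LocalPort -State Listen -ErrorAction SilentlyContinue |
        Where-Object { $_.OwningProcess -eq $proc.Id }
    if ($listener) { break }
}
if (-not $listener) {
    throw "No plink listener on port $LocalPort. Check the cached host key, the key file and the security groups."
}

# A listener on any non-loopback address would let other hosts reach the database through this machine.
$exposed = $listener | Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' }
if ($exposed) {
    Stop-Process -Id $proc.Id -Force
    throw "Tunnel is listening on $($exposed.LocalAddress -join ', '); expected loopback only."
}

# Confirm the local end of the tunnel accepts TCP connections.
$probe = Test-NetConnection -ComputerName 127.0.0.1 -Port $LocalPort -WarningAction SilentlyContinue
'plink PID {0}: loopback-only listener on port {1}, TCP connect succeeded: {2}' -f `
    $proc.Id, $LocalPort, $probe.TcpTestSucceeded
```

A successful TCP connect only shows that the local end of the tunnel is accepting connections; a login from the database client is the real end-to-end test.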

 

Database Operations:


Use database client tools installed on the Windows EC2 instance (e.g., MySQL Workbench) to perform operations on the RDS database securely through the SSH tunnel.

 

Note:


The SSH tunnel created by PuTTY ensures that data passed between the EC2 instance and the RDS database is encrypted, enhancing security.

Make sure that the security groups associated with the EC2 instance and the RDS database allow the necessary traffic.

Change the port numbers and configurations according to the database engine and requirements.

 


In conclusion, using PuTTY to establish a secure connection from a Windows EC2 instance to an Amazon RDS database requires proper settings to enable encrypted and secured data flows.


 
