Before you use Amazon Relational Database Service for the first time, complete the following tasks. Show If you already have an AWS account, know your Amazon RDS requirements, and prefer to use the defaults for IAM and VPC security groups, skip ahead to Getting started with Amazon RDS. Sign up for an AWS accountIf you do not have an AWS account, complete the following steps to create one. AWS sends you a confirmation email after the sign-up process is complete. At any time, you can view your current account activity and manage your account by going to https://aws.amazon.com/ and choosing My Account. Create an administrative userAfter you sign up for an AWS account, create an administrative user so that you do not use the root user for everyday tasks. Create an administrative user
Sign in as the administrative user
Create IAM user access keysAccess keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. If you don't have access keys, you can create them from the AWS Management Console. As a best practice, do not use the AWS account root user access keys for any task where it's not required. Instead, create a new administrator IAM user with access keys for yourself. The only time that you can view or download the secret access key is when you create the keys. You cannot recover them later. However, you can create new access keys at any time. You must also have permissions to perform the required IAM actions. For more information, see Permissions required to access IAM resources in the IAM User Guide. To create access keys for an IAM user
Related topics Determine requirementsThe basic building block of Amazon RDS is the DB instance. In a DB instance, you create your databases. A DB instance provides a network address called an endpoint. Your applications use this endpoint to connect to your DB instance. When you create a DB instance, you specify details like storage, memory, database engine and version, network configuration, security, and maintenance periods. You control network access to a DB instance through a security group. Before you create a DB instance and a security group, you must know your DB instance and network needs. Here are some important things to consider:
When you have the information you need to create the security group and the DB instance, continue to the next step. Provide access to your DB instance in your VPC by creating a security groupVPC security groups provide access to DB instances in a VPC. They act as a firewall for the associated DB instance, controlling both inbound and outbound traffic at the DB instance level. DB instances are created by default with a firewall and a default security group that protect the DB instance. Before you can connect to your DB instance, you must add rules to a security group that enable you to connect. Use your network and configuration information to create rules to allow access to your DB instance. For example, suppose that you have an application that accesses a database on your DB instance in a VPC. In this case, you must add a custom TCP rule that specifies the port range and IP addresses that your application uses to access the database. If you have an application on an Amazon EC2 instance, you can use the security group that you set up for the Amazon EC2 instance. You can configure connectivity between an Amazon EC2 instance a DB instance when you create the DB instance. For more information, see Configure automatic network connectivity with an EC2 instance. For information about common scenarios for accessing a DB instance, see Scenarios for accessing a DB instance in a VPC. To create a VPC security group
You can use the VPC security group that you just created as the security group for your DB instance when you create it. If you use a default VPC, a default subnet group spanning all of the VPC's subnets is created for you. When you create a DB instance, you can select the default VPC and use default for DB Subnet Group. After you have completed the setup requirements, you can create a DB instance using your requirements and security group. To do so, follow the instructions in Creating an Amazon RDS DB instance. For information about getting started by creating a DB instance that uses a specific DB engine, see the relevant documentation in the following table. |