Now that you have created a secret, you must give your web server permission to use it. To do this, we will create a Policy that allows the web server to read a secret. We will add this policy to the Role you previously assigned to the web server.
1. If you have not already done so, create an IAM Instance Profile as described in Connect to your Linux instance using Session Manager.
2. Sign in to the AWS Management Console and open the IAM console. In the navigation pane, choose Policies, and then choose Create Policy.
3. Click Choose a service. Type Secrets Manager into the search box. Click Secrets Manager. Under Access level, click on the caret next to Read and then check the box by GetSecretValue. Click on the caret next to Resources. For this lab, select All resources. Click Next: Tags.
4. On the Review Policy screen, give your new policy the name ReadSecrets. Click Create policy.
5. In the navigation pane, choose Roles and type SSMInstanceProfile into the search box. This is the role you created previously in Connect to your Linux instance using Session Manager. Click SSMInstanceProfile.
6. Under Permissions policies, click Attach policies.
7. Search for the policy you created called ReadSecrets. Check the box and click Attach policy.
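The policy these steps produce, shown next to a variant scoped to a single secret, with a check that tells the two apart. This is an added example, not part of the lab: the region, account ID and secret name in the ARN are constructed placeholders, and `unscoped_secret_reads` is a hypothetical helper.

```python
import fnmatch

TARGET = "secretsmanager:getsecretvalue"  # compared case-insensitively

# Equivalent of the console steps above: GetSecretValue on "All resources".
LAB_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "secretsmanager:GetSecretValue", "Resource": "*"}]}

# Scoped variant. Constructed placeholder ARN: region, account ID and secret
# name are assumptions; "-??????" matches the random suffix on secret ARNs.
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["secretsmanager:GetSecretValue"],
     "Resource": ["arn:aws:secretsmanager:us-east-1:111122223333:"
                  "secret:EXAMPLE_SECRET_NAME-??????"]}]}


def _as_list(value):
    """IAM accepts a string or a list for Action, Resource and Statement."""
    return list(value) if isinstance(value, (list, tuple)) else [value] if value else []


def unscoped_secret_reads(policy):
    """Return Allow statements granting GetSecretValue on every secret.

    NotAction, NotResource and Condition are not evaluated here.
    """
    findings = []
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action patterns support * and ? wildcards, e.g. "secretsmanager:*".
        grants_read = any(fnmatch.fnmatchcase(TARGET, a.lower())
                          for a in _as_list(stmt.get("Action")))
        broad = [r for r in _as_list(stmt.get("Resource"))
                 if r == "*" or r.endswith(":secret:*")]
        if grants_read and broad:
            findings.append({"action": stmt.get("Action"), "resources": broad})
    return findings


if __name__ == "__main__":
    for name, doc in (("ReadSecrets (lab)", LAB_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, "->", unscoped_secret_reads(doc) or "no unscoped secret reads")
```

With the lab's policy, any secret in the account is readable from the web server's role; the scoped variant limits the role to the one secret the application needs.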
1. Navigate to the EC2 console and find the web server you launched in the EC2 Linux Hands-On Lab. Note your web server’s public IP.
2. Open a new tab and reconnect to your web server’s public IP. Click RDS. You should now see a simple page displaying all of the information from the database you just created.
This is a very basic example of a simple address book interacting with a MySQL database managed by AWS. RDS can support much more complicated relational database scenarios, but we hope this simple example will suffice to demonstrate the point.
Feel free to play around with the address book and add/edit/remove content from your RDS database by using the Add Contact, Edit, and Remove links in the Address Book.
Would you like to continue your learning? See the two optional labs below, which cover snapshots and changing instance size.