AWS, Cloud Computing

4 Mins Read

A Guide on Establishing a Private Connection between Amazon RDS and Amazon QuickSight


Organizations increasingly turn to cloud services for their data analytics needs in today’s dynamic business landscape, where data is a critical asset. As this migration occurs, ensuring the security of data analytics becomes paramount. This comprehensive guide is designed to establish a secure and private connection between your Amazon RDS and Amazon QuickSight instances. By configuring your Amazon RDS instance within a private subnet and implementing the necessary security measures, you can create an enhanced and protected environment for seamless data analysis.


As businesses harness the power of cloud services, safeguarding sensitive data during analytics processes is a top priority. This guide is tailored to assist you in creating a secure and private connection between Amazon RDS and Amazon QuickSight.

The key components of this process involve configuring security groups, establishing an Amazon Virtual Private Cloud (VPC) connection, and creating a designated data source within Amazon QuickSight.

Following these steps ensures your data remains secure while leveraging the benefits of cloud-based analytics.

Pioneers in Cloud Consulting & Migration Services

  • Reduced infrastructural costs
  • Accelerated application deployment
Get Started


  • AWS Account with necessary permissions.
  • Amazon QuickSight enterprise account with admin access.
  • Amazon RDS instance (MySQL) in a private subnet.

Step-by-Step Guide

Step 1: Create a Security Group for Amazon QuickSight

  • Go to the Amazon VPC console and identify the Amazon VPC of your Amazon RDS instance.
  • Create a new security group for Amazon QuickSight inside the same VPC (e.g., quicksight_sg).
  • Configure inbound rules: All TCP, Port Range: 0 – 65535, Source: Security group ID of your Amazon RDS instance.
  • Configure outbound rules: Custom TCP Rule, Port Range: 3306 (MySQL), Destination: Security group ID of your Amazon RDS instance.




Step 2: Modify the Security Group of the Amazon RDS instance

  • Navigate to the Amazon RDS console.
  • Access the security group associated with your RDS instance.
  • Add an inbound rule: Custom TCP Rule, Port Range:3306, Source: QuickSight security group ID.



Step 3: Create a Private Connection in Amazon QuickSight

  • In the AWS Management Console, use the search bar and enter “Amazon QuickSight”
  • Log in to your Amazon QuickSight account by providing the account name, username, and password.
  • Once you log in successfully, then on the top-right corner of the screen, click on the user icon. From the drop-down menu, select “Manage QuickSight”
  • On the left side of the QuickSight management console, locate and click on “Manage VPC Connection”
  • Click on the “Add VPC Connection” In the prompted form, fill in the following details:
  1. VPC ID: Select the VPC of your RDS instance.
  2. Subnet ID: Choose the private subnet where the RDS instance resides.
  3. Security Group ID: Enter the ID of the QuickSight security group.
  4. Execution Role: Choose the Amazon QuickSight service role.

Once you have entered the required information, click the “Add” button to create the VPC connection. Once it is created, we must wait to see if the Amazon VPC connection status becomes available.



Step 4: Create a Datasource in Amazon QuickSight for Data Validation

  • In the QuickSight console, go to the “Datasets”
  • Choose “New dataset” and select the “RDS”
  • Provide configurations and select the VPC connection created in Step 3.
  • Configure connection details, including the database name, endpoint, and authentication credentials for data validation.




Following these steps, you’ve successfully established a private connection between your Amazon RDS instance and Amazon QuickSight, ensuring secure data access for authorized services. This robust configuration provides a foundation for leveraging the full potential of cloud-based data analytics while maintaining the highest security standards.

Drop a query if you have any questions regarding Amazon RDS instance or Amazon QuickSight and we will get back to you quickly.

Empowering organizations to become ‘data driven’ enterprises with our Cloud experts.

  • Reduced infrastructure costs
  • Timely data-driven decisions
Get Started

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, and many more.

To get started, go through our Consultancy page and Managed Services PackageCloudThat’s offerings.


1. Why is establishing a private connection between Amazon RDS and Amazon QuickSight necessary?

ANS: – Ensures data security in a cloud analytics environment by enabling communication within a secure, isolated network, safeguarding sensitive data from threats and unauthorized access.

2. How do I verify the successful establishment of the Amazon VPC connection in Amazon QuickSight?

ANS: – Check the “Manage VPC Connection” status on the Amazon QuickSight console; it should change to “Available.” Be patient, as the connection may take time to be fully established.

3. Is it possible to establish a private connection between Amazon RDS and Amazon QuickSight if they are in different AWS accounts or regions?

ANS: – Yes, but it requires additional considerations and configurations.


Anusha works as Research Associate at CloudThat. She is an enthusiastic person about learning new technologies and her interest is inclined towards AWS and DataScience.



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!