How does the SQL engine work

Connect to a DB Instance in the Microsoft SQL Server Database Engine

After Amazon RDS provisions your DB instance, you can connect to it using any standard SQL client application. This topic describes how to connect to the DB instance using Microsoft SQL Server Management Studio (SSMS) or SQL Workbench / J.

For an example of how to create and connect a sample DB Instance, see Create and Connect a Microsoft SQL Server DB Instance.

Connect to your DB Instance using Microsoft SQL Server Management Studio

In this procedure, you connect to your sample DB instance using Microsoft SQL Server Management Studio (SSMS). To download a stand-alone version of this utility, see Downloading SQL Server Management Studio (SSMS) in the Microsoft documentation.

How to connect to a DB instance using SSMS

  1. Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the upper right corner of the Amazon RDS console, select the AWS Region of your DB instance.

  3. Find the Domain Name System (DNS) name and port number for your DB instance:

    1. Open the RDS console and select Databases to view a list of your DB instances.

    2. Select the name of the SQL Server DB Instance to view its details.

    3. Copy on the tab Connectivity & security (connection and security) the end point. Also make a note of the port number. You need both the endpoint and the port number to connect to the DB instance.

  4. Start SQL Server Management Studio.

    The dialog box Connect to server (Connect to server) appears.

  5. Provide the information for your DB instance:

    1. Choose for Server type the option Database engine out.

    2. Give for Server name Enter the DNS name and port number for your DB instance separated by commas.

      Change the colon between the DNS name and the port number to a comma.

      Your server name should look like this.

    3. Choose for Authentication the option SQL Server authentication out.

    4. Enter under Login (login name) Enter the primary username for your DB instance.

    5. Enter under Password Enter the password for your DB instance.

  6. Choose Connect out.

    After a few moments, SSMS establishes the connection to the DB instance. For more information if you cannot connect to the DB instance, see Security Group Considerations and Troubleshooting Connections to Your SQL Server DB Instance.

  7. Your SQL Server DB instance has built-in standard SQL Server system databases (,, and). To explore the system databases, do the following:

    1. In SSMS, select from the menu view the option Object explorer out.

    2. Expand the DB instance, then expand Databases and System databases.

  8. The SQL Server DB instance also includes a database named. Amazon RDS uses this database to store the objects for database administration. The database also contains stored procedures that you can run to perform advanced tasks. For more information, see Common DBA Tasks for Microsoft SQL Server.

  9. You can now start creating your own databases and querying the DB instance and databases. To run a test query on the DB instance, do the following:

    1. In SSMS, select from the menu file the option New and then select Query with an existing connection out.

    2. Enter the following SQL query.

    3. Run the query. SSMS returns the SQL Server version of your Amazon RDS DB instance.

Connect to your DB instance with SQL Workbench / J

This example shows how to use the SQL Workbench / J database tool to connect to a DB instance in the Microsoft SQL Server database engine. You can download SQL Workbench / J from SQL Workbench / J.

SQL Workbench / J uses JDBC to connect to the DB instance. You also need the JDBC driver for SQL Server. You can download this driver from Microsoft JDBC Drivers 4.1 (Preview) and 4.0 for SQL Server.

How to connect to a DB instance using SQL Workbench / J

  1. Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the upper right corner of the Amazon RDS console, select the AWS Region of your DB instance.

  3. Find the DNS name and port number for your DB instance:

    1. Open the RDS console, then select Databases to view a list of your DB instances.

    2. Select the name of the SQL Server DB Instance to view its details.

    3. Copy on the tab Connection the end point. Also make a note of the port used by the DB instance.

  4. Open SQL Workbench / J. The dialog box Select Connection Profile is displayed as follows.

  5. In the first field at the top of the dialog box, provide a name for the profile.

  6. Choose at Driver the option.

  7. Enter under Url followed by the endpoint of your DB instance. For example, the URL value could be something like this.

  8. Enter under Username Enter the main username of the DB instance.

  9. Enter under Password Enter the password for the main user.

  10. In the dialog box toolbar, select the save icon as follows.

  11. click on OK. After a few moments, SQL Workbench / J establishes the connection to the DB instance. For more information if you cannot connect to the DB instance, see Security Group Considerations and Troubleshooting Connections to Your SQL Server DB Instance.

  12. Enter the following SQL query in the query area.

  13. Select the run icon on the toolbar as follows.

    The query returns the version information for your DB instance as shown below.

Security Group Considerations

To connect to your DB instance, your DB instance must be assigned to a security group. This security group contains the IP addresses and network configuration that you use to access the DB instance. You may already have assigned a suitable security group to the DB instance when you created it. If you assigned a default, unconfigured security group when you created your DB instance, your DB instance's firewall prevents any connection attempt.

In some cases, you may need to create a new security group to enable access. If so, the type of security group to create depends on the Amazon EC2 platform on which your DB instance resides. For more information about how to determine which platform to use, see Determine Which Platform You Are Using: EC2-VPC or EC2-Classic. Basically, you create a DB security group if your DB instance is on the EC2-Classic platform. If your DB instance is on the VPC platform, create a VPC security group.

For instructions on how to create a new security group, see Access Control Using Security Groups. For a step-by-step guide to setting up rules for your VPC security group, see Tutorial: Creating an Amazon VPC for Use with a DB Instance.

After you've created the new security group, modify your DB instance to associate the security group with it. For more information, see Modifying an Amazon RDS DB Instance.

You can increase the level of security using SSL to encrypt connections to your DB instance. For more information, see Using SSL with a Microsoft SQL Server DB Instance.

Troubleshooting connections to your SQL Server DB instance

The following table shows error messages that you might encounter when trying to connect to your SQL Server DB instance. For more information about connectivity issues, see Unable to Connect to Amazon RDS DB Instance.

problemTroubleshooting suggestions

Make sure you have entered the server name correctly. Give for Server name Enter the DNS name and port number for your sample DB instance, separated by commas.

If you have a colon between the DNS name and the port number, change the colon to a comma.

Your server name should look like the following example.

The DB instance can be reached, but the connection attempt was refused. This problem is usually caused by incorrectly specifying the username or password. Check the username and password and try again.

The access rules enforced by your local firewall and the IP addresses authorized to access your DB instance may not match. The problem is most likely the inbound rules in your security group.

Your database instance must be publicly accessible. To connect from outside the VPC, the instance must be assigned a public IP address.

Licensing SQL Server on Amazon RDS
Update applications for new SSL / TLS certificates