Connect AWS RDS Postgres

Colleen Schnettler

March 21, 2024

AWS Setup for HelloQuery

If you’d like to connect an AWS RDS database on a private VPC to HelloQuery, there are a few additional steps you’ll have to take to whitelist our IPs.

Here at HelloQuery we take security very seriously, and to give you the best possible experience we’ll manually setup a secure SSH tunnel for you. You can add the security rules, test the connection, and reach out once you’re ready. It takes less than 24 hours after we receive your request to create the tunnel.

Table of Contents

Make your db publicly accessible

The initial step in establishing a connection between your AWS RDS instance and HelloQuery involves configuring your database to be publicly accessible. This configuration does not expose your database to the public internet indiscriminately but is necessary for specifying more granular inbound security rules that will control access.

Access the Database Dashboard:

Select Your Database Instance:

Modify the Database Instance:

See the screenshow below for reference:


Next, click on “Additional configuration”


Next select “Publicly Accessible”. Click on “Continue” and then “Save”.


Create Inbound Security Rules

Next you’ll need to edit the inbound security rules of your database's VPC security group. If the database instance was created in a VPC, it must have a VPC security group that authorizes connections.

Should you encounter any difficulties or require additional information, AWS provides comprehensive documentation on this topic, available at AWS RDS Security Group Documentation.

You can modify your existing security group or create a new one. From your database page, click on your security group as shown in the screenshot below.


Continue to click through to your security group ID.


Click on “Edit Inbound Rules”


Temporarily Allow All IP Addresses

To ensure that your AWS RDS database can successfully connect to HelloQuery (HQ), it's recommended to perform a connection test. This involves temporarily allowing all IP addresses to access your database. Note: This step is for testing purposes only and should be reversed after the test to maintain security.

Add a New Inbound Rule:


Apply the Rule:

Whitelisting HelloQuery's Static IP Addresses

While in the security group section, you’ll want to add the HelloQuery IPs.

Add Whitelist Rules:

Finalize the Rules:


Test HelloQuery Connection

After configuring the inbound security rules in your AWS RDS security group, the next step is to verify that HelloQuery can successfully connect to your AWS RDS instance. This preliminary test ensures that the credentials and network configurations are correctly set up for a secure connection.

Sign In to HelloQuery:

Configure a Test Connection:

Click “Test Connection”:

Important Note:

This will not be your permanent connection, we’ll create a new connection after your SSH tunnel is created.


Establish Your Custom SSH Tunnel

Upon verifying the initial connection between your AWS RDS instance and HelloQuery, the next step is to create a custom SSH tunnel. This process is managed directly by our support team to ensure a secure, efficient setup.

Initiating the Setup Process

Contact Support:

Security Reminder:

What Happens Next?

Final Security Measures

Get Started with HelloQuery

Your AWS RDS instance is securely connected, and you're ready to use HelloQuery. Dive into data analysis and management with confidence, knowing our support team is here if you need us. Thank you for choosing HelloQuery. Let the report building begin!