SQL Secure lets you connect with Amazon instances in the following cases:
AWS Directory Service lets you run Microsoft Active Directory (AD) as a managed service. For more details, please go through AWS documentation
VPN tunnel is required to access SQL Server on Amazon EC2 and RDS from on-premise AD using windows authentication. Setting up VPN tunnel requires to essential steps:
You can find the steps to configure the AWS in the following link:
This configuration mainly depends on the gateway device used. Identify the approach to create tunnel according the network being used. AWS provides the local gateway side configuration for many networks, like fortinet, as an example:
To use your existing AD infrastructure with AWS Managed Microsoft AD, trust relationship has
to be established between both domains. Use the following documentation:
After establishing trust, you can connect to AWS EC2 instances using your on-premise AD.
Note: To log in into SQL Server on EC2 instance or RDS from on-premise using windows
authentication, you can add on-premise active directory users to SQL Server Security -> Logins.
Security groups let you control and identify the kind of the traffic that can reach to your instance. Your default and created security groups include default rules that do not enable you to access your instance from the Internet. To enable network access to your instance, you must allow inbound traffic to your instance. To open a port for inbound traffic, add a rule to a security group that you associated with your instance when you launched it.
Choose Instances in the navigation pane of the Amazon EC2/RDS console. Select your instance and look at the Description tab. A list of the security groups related with the instance displays. Choose view inbound rules to display a list of the rules that are in effect for the instance.
Note: Note that other ports may be required depending on the respective environment.
The login used for RDS for SQL Server needs permissions, right click on the log in and select Properties, then choose Securables and check Grant for:
|