profile

AWS for the Real World

You put your database in a private subnet. Good luck connecting to it.

Published about 1 month ago • 1 min read
AWS FOR THE REAL WORLD
⏱️
Reading time: 7 minutes
🎯
Main Learning: Learn how to securely connect to your RDS database in a private subnet using an EC2 jumphost and AWS Session Manager. No SSH keys needed.
📝

Hey Reader 👋🏽

Hope you had a great Christmas with your loved ones 🎄

Tobi and I spent a few days in Berlin consulting with a startup, then caught the last sunny days in Munich before winter really hits.

This week: how to actually connect to your RDS database in a private subnet.

Every AWS certification tells you to put databases in private subnets. Great advice. But nobody explains what happens when you need to run a query and realize... you can't reach it from your laptop.

I've seen senior developers stuck on this. It's one of those gaps between exam knowledge and real-world work.

You'll need access when you want to:

  • Inspect your data
  • Test queries
  • Run migrations

We recorded this as a YouTube video if you'd rather watch than read:

video preview

News

First, a few AWS updates worth knowing.

📰 This Week in AWS

💌Amazon SES email validation

If you've ever worked with SES on a scale, you know bounces are hard to tackle. SES now allows you to validate emails using an API! Read More →

💰Cost allocation on USER's attributes

You can now allocate costs based on user's attributes in Identity Center like Cost Center, division, org, etc. Read More →

🌐Lambda Durable Functions are available in 14 regions.

Durable functions are now available in even more regions. Check them out to orchestrate your Lambda steps. Read More →

Our Favrouite: SES now has an email validation API. I'd have needed this on one of my past projects.

Remember: If you let customers send emails, you'll attract spammers. Validating addresses before they hit your system saves you from bounces, complaints, and a trashed sender reputation.

Deep Dive

Now for the main event.

Cover

📚 This Week's Deep Dive

The Problem: Your Database Is Unreachable

Every AWS certification teaches you to put databases in private subnets. That's the right call for security. But when you need to run a query, you realize nobody explained how to actually reach it.

Your RDS instance has no public IP. Your laptop sits outside the VPC. There's no path.

RDS Architecture showing the gap between your laptop and the private subnet

The Solution: EC2 Jumphost with Session Manager

You need a bridge into the private network. Session Manager gives you that bridge without SSH keys, open ports, or a NAT gateway.

The video walks through the full CDK setup, VPC endpoints, and a live demo of the tunnel in action.

🎬 Watch the Full Tutorial →

Prefer reading? Read the blog post instead

That's it for this week. Enjoy the holidays, don't touch prod, and I'll see you in January. 👋🏽

Sandro & Tobi ✌🏽

AWS for the Real World

by Tobi & Sandro

We teach AWS for the real world - not for certifications. Join more than 10,500 developers learning how to build real-world applications on AWS.

Read more from AWS for the Real World

AWS FOR THE REAL WORLD ⏱️ Reading time: 8 minutes 🎯 Main Learning: How to pause Step Function workflows for human approval using the callback pattern 📝 Blog Post 💻 GitHub Repository 🎬 Watch on YouTube Hey Reader 👋🏽 I've used this pattern in almost every project I've built. Whenever you need a human in the loop - approvals, reviews, manual checks - and you still want to see what's happening, Step Functions are perfect. Lambda is my go-to for almost everything. APIs S3 triggers event consumers...

4 days ago • 2 min read

AWS FOR THE REAL WORLD ⏱️ Reading time: 5 minutes 🎯 Main Learning: How to make Claude write production-ready Terraform instead of technical debt 🎬 Watch on YouTube 📝 Blog Post 💻 GitHub Repository Hey Reader 👋🏽 We've been heads-down the past weeks. Preparing the live AMA workshops from Black Friday (sorry for the delay!) and recording new YouTube videos. It's been a lot of fun. Speaking of videos - this week Tobi recorded one you'll want to watch. Here's the problem: LLMs want to close the...

11 days ago • 1 min read

AWS FOR THE REAL WORLD ⏱️ Reading time: 8 minutes 🎯 Main Learning: 5 practical techniques to cut Lambda costs (memory, timeouts, ARM, batching, caching) 📝 Blog Post 🎬 Watch on YouTube Hey Reader 👋🏽 Lambda bills can sneak up on you. One function is often not expensive. But then you scale it up and 💥 it costs you $5,000. Sounds familiar? We had this exact problem with our Shopify fraud detection app. Orders coming in via EventBridge, each triggering its own Lambda.And the bill was $150/month...

20 days ago • 2 min read