Get started with Amazon RDS Custom for SQL Server using an Amazon CloudFormation template (Network setup)

{"value":"[Amazon Relational Database Service (Amazon RDS) Custom](https://aws.amazon.com/rds/custom/) is a managed database service for legacy, custom, and packaged applications that require access to the underlying operating system and database (DB) environment. [Amazon RDS Custom for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/working-with-custom-sqlserver.html) automates setup, operation, and scaling of databases in the cloud, while granting access to the database and underlying operating system to configure settings, install drivers, and enable native features to meet the dependent application’s requirements.\n\nIn this post, we explain how to launch an RDS Custom for SQL Server instance using a predefined Amazon Web Services CloudFormation [templat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-guide.html)e that creates the required network setup ([Amazon Virtual Private Cloud](http://aws.amazon.com/vpc) ([Amazon VPC](https://aws.amazon.com/cn/vpc/?trk=cndc-detail)), subnets, security groups, and so on), [Amazon Web Services Identity and Access Management](http://aws.amazon.com/iam) (IAM) [profile](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-iam-instance-profile.html), [Amazon Web Services Key Management Service](http://aws.amazon.com/kms) (Amazon Web Services KMS) keys, and more. We also launch [Amazon Elastic Compute Cloud](https://aws.amazon.com/ec2/) (Amazon EC2) with a Windows operating system (OS) [Amazon Machine Image](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html) (AMI) and then use that to connect an RDS Custom for SQL Server instance.\n\n### **Prerequisites**\n\nBefore we begin, we assume that you meet the following prerequisites:\n\n- Basic knowledge of CloudFormation templates\n- Understanding of [environment setup for Amazon RDS Custom for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-sqlserver.html)\n\nFor more details, refer to [Creating and connecting to a DB instance for Amazon RDS Custom for SQL Server.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating-sqlserver.html)\n\nThis solution involves the creation and utilization of new Amazon Web Services resources. Therefore, it will incur costs on your account. Refer to [Amazon Web Services Pricing](https://aws.amazon.com/pricing/) for more information.\n\nWe strongly recommend that you set up this in a non-production instance and run the end-to-end validations before you implement this solution in a production environment.\n\n### **Solution overview**\n\nAt a high level, we perform the following steps:\n\n1. Create Amazon Web Services resources using a CloudFormation template\n2. Create an RDS Custom for SQL Server instance using Amazon Web Services console\n3. Create an EC2 instance with a Windows OS AMI\n4. Use [SQL Server Management Studio](https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-ver16) (SSMS) to connect to [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server from the Windows EC2 instance\n5. Configure the [Remote Desktop Protocol](https://docs.microsoft.com/en-us/troubleshoot/windows-server/remote/understanding-remote-desktop-protocol) (RDP) connection to the RDS Custom for SQL Server instance from the Windows EC2 instance\n\nFor this post, we use the us-west-2 Amazon Web Services Region for all setup steps.\n\n### **Create Amazon Web Services resources using a CloudFormation template**\n\nThe following steps explain how to create Amazon Web Services resources using a CloudFormation template:\n\n1. Save the file [json](https://aws-blogs-artifacts-public.s3.amazonaws.com/artifacts/DBBLOG-2413/cfn_rds_custom_sqlserver_nw_setup_v1.json) to your computer\n2. On the Amazon Web Services CloudFormation console, choose **Create stack**\n3. Select **With new resources (standard)**\n4. Select **Template is ready**\n5. For **Template source**, choose **Upload a template file**\n6. For **Choose file**, locate and choose the file that you downloaded earlier\n7. Choose **Next**\n\n\n\n8. For **Stack name**, enter a name. In this example, we use the name ```rds-custom-sqlserver```\n9. In the **Parameters** section, either keep the default parameter values or specify the appropriate values as needed\n\nThe following table summarizes the parameters for our stack creation.\n\n\n\nThe parameter **IPV4 CDR Block of your source** is the public IP address of the instance (where you’re going to connect (RDP) from your EC2 Windows instance). For this post, we’re using Windows desktop; it has the public IP address 101.102.103.104, and we make an RDP connection to the Windows EC2 instance from this Windows desktop. If you don’t specify this value, the RDP connection to the EC2 instance isn’t configured, but you can set this up manually at a later point.\n\nThe parameter **Setup RDP access to RDS Custom SQL Server Instance (private subnets) ?** let’s you enable the RDP connection from the EC2 instance to the RDS Custom for SQL Server instance.\n\n\n\n10. Choose **Next**\n11. On the **Configure stack options** page, choose **Next**\n12. On the **Review** page, for **Capabilities**, select **I acknowledge that Amazon Web Services CloudFormation might create IAM resources with custom names**\n13. Choose **Create stack**\nThe stack creation process might take approximately 10 minutes.\n14. When the stack creation is complete, navigate to the stack (```rds-custom-sqlserver```) and choose the **Resources** tab to review all the resources that were created as part of this CloudFormation template.\n\n\n\n15. On the **Outputs** tab, note the details\n\nThe following table summarizes our sample stack creation outputs.\n\n\n\n### **Create your RDS Custom for SQL Server instance**\n\nWhen the CloudFormation stack creation is complete, we launch an RDS Custom for SQL Server instance. This can be done using Amazon Web Services CLI or Amazon Web Services Console.\n\nTo create your RDS Custom for SQL Server DB instance using Amazon Web Services console, complete the following steps:\n\n1. On the [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) console, in the navigation pane, choose **Databases**.\n2. Choose **Create database** and select **Standard create**.\n3. For **Engine options**, choose **Microsoft SQL Server** for the engine type.\n4. For **Database management type**, choose **[Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom**.\n5. In the **Edition** section, choose the DB engine edition that you want to use. In this example, we choose **SQL Server Web Edition**.\n6. For **Database version**, choose your database version. For this post, we choose the default SQL Server 2019 engine available version.\n\n\n\n7. In the **Settings** section, for **DB instance identifier**, enter a unique name. In this example, we use the name ```test-rds-custom-sqlserver```.\n8. In the **Credential Settings** section, enter the primary user name and password, and choose **Confirm password**.\n9. In the **Instance configuration** section, choose a value for **DB instance class**.\n10. In the **Storage** section, specify your values for **Storage Type**, **Allocated Storage**, and **Provisioned IOPS**. In this example, we specify **Storage type** as io1, **Allocated storage** as 100, and **Provisioned IOPS** as 3000.\n11. In the **Connectivity** section, specify the VPC, subnet group, and security groups details, using the output values from our stack creation. For this post, we enter the following:\na. **VPC** – ```rds-custom-sqlserver-vpc```\nb. **RDSCustomDBSubnetGroup** – ```rds-custom-sqlserver-db-subnet-group```\nc. **Public access** – No\nd. RDSCustomSecurityGroup – ```rds-custom-sqlserver-rds-custom-instance-sg```(the default security group is auto selected; we remove that and add the actual security group (```RDSCustomSecurityGroup```) that was created as part of stack creation)\ne. **Port** – 1433\n\n\n\n12. In the **RDS Custom security** section, specify the IAM instance profile and KMS key, using the output values from our stack creation. For this post, we enter the following:\na. **RDSCustomIAMInstanceProfile** – ```AWSRDSCustom-rds-custom-sqlserver-us-west-2```\nb. **RDSCustomKMSKey** – ```rds-custom-sqlserver-kms-key```\n\n\n\n13. For **RDS Custom Database Automation**, select **Full Automation**.\n14. Choose **Create database**.\n\n### **Create an [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)AMI with Windows**\n\nTo launch an EC2 instance with a Windows OS AMI, complete the following steps. For this post, we use the new [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)console.\n\n1. On the [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)console, choose **Launch an instance**.\n2. Enter a name (for this post, we use ```ec2-windows-test-node```).\n3. **For Application and OS Image (AMI)** section, search for your Windows AMI. For this example, we choose **Microsoft SQL Server 2019 Express on Windows Server 2019**.\nYou can choose any Windows OS AMI that is compatible and install the SSMS tool on top of it.\n4. For **Instance type**¸ choose your instance type (for this post, we use t2.small).\n5. For **Key pair name**¸ you can choose the key pair you created or create a new one. For this post, we use the existing key pair ```rds-custom-keys```.\n6. In the **Network Settings** section:\n7. For **Network Settings**,\na. Specify the VPC, subnet, and security group details.\nb. For **Auto-assign public IP**, choose **Enable**.\nc. Enter the output values from our stack creation. For this post, we enter the following:\n- **VPC** – ```rds-custom-sqlserver-vpc```\n- **EC2InstancePublicSubnet** – ```rds-custom-sqlserver-public-subnet-1```\n- **EC2InstanceSecurityGroup** – ```rds-custom-sqlserver-ec2-instance-sg```\n\n\n\n8. In the **Configure storage** section, specify the root storage size and volume type.For this example, we use GP2 with 50 GiB storage size\n9. Choose **Launch instance**\n\n### **Use SSMS to connect to [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server from a Windows EC2 instance**\n\nAfter we create the RDS Custom for SQL Server instance and Windows EC2 instance, we make the RDP connection to the Windows EC2 instance, and from there we connect to the RDS Custom for SQL Server instance using SSMS.\n\nIf you didn’t specify the parameter **IPv4 CIDR block of your source** as part of the initial stack creation, the RDP connection to the EC2 instance isn’t configured. If required, you can perform those steps manually.\n\nComplete the following steps to configure an SSMS connection to [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server from a Windows EC2 instance:\n\n1. On the [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)console, search for the underlying EC2 instance of the RDS Custom for SQL Server instance\nThis EC2 instance is created with the naming standard ```do-not-delete-<rds-custom-sqlserver-instance-name>```. In our example, the instance name is ```do-not-delete-test-rds-custom-sqlserver```.\n2. Select the instance and choose **Connect**\n3. Choose **Get password**\n4. Specify the key pair and choose the decrypted password\n5. On the **RDS client** tab, choose **Download remote desktop file**\n\n\n\nIn this example, we make an RDP connection from a Windows desktop host (101.102.103.104) by using the downloaded remote desktop file and decrypted password.\n6. When you’re on the Windows EC2 instance, in the search window, search for SSMS, choose **Connect**, and **Database Engine**\n7. For **Server name**, enter the RDS Custom for SQL Server endpoint, login, and password details that were specified when you created the RDS Custom for SQL Server instance\n8. Choose **Connect**\n\n\n\n### **Configure the RDP connection to the RDS Custom for SQL Server instance from a Windows EC2 instance**\n\nWe now complete the steps to configure the RDP connection to [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server from a Windows EC2 instance.\n\n#### **Set the firewall rules for the underlying EC2 instance of [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server**\n\nComplete the following steps to set up Windows firewall to allow the RDP connection:\n\n1. On the [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)console, search for the underlying EC2 instance of the RDS Custom for SQL Server instance\nThis EC2 instance is created with the naming standard . In our example, the instance name is .```do-not-delete-<rds-custom-sqlserver-instance-name>do-not-delete-test-rds-custom-sqlserver```\n2. Select this instance and choose **Connect**\n3. On the Session Manager tab, choose **Connect**\n\n\n\nA separate Session Manager window opens.\n4. Run the following command to set up a firewall rule to allow the RDP connection：\n\n```\\nSet-NetFirewallRule -DisplayName \\"Remote Desktop - User Mode (TCP-In)\\" -Direction Inbound -LocalAddress Any -Profile Any\\n```\n#### **Retrieve the secret key and download the remote desktop file**\n\nTo create an RDP connection, we need the remote desktop file and Windows login password.\n\nTo get the Windows password, we have to provide the key pair. Complete the following steps to get the key pair details to decrypt the password:\n\n1. From the **Connect to Instance** interface, choose the RDP client.\n2. Download the remote desktop file.\n3. Choose **Get password**.\n\n4. Copy the key pair associated with this instance, key pair name starts with```do-not-delete```as shown in the following figure.\n\n5. On the [Amazon Web Services Secrets Manager](https://aws.amazon.com/secrets-manager/) console, search for this key pair name.\n6. Select the key and choose **Retrieve secret value** to display the content of the RSA private key.\n\n\n\n7. Copy the entire plain text of the secret value, and paste this content into the **Get Windows password** section, as shown in earlier image.\n8. Choose **Decrypt password**.\n\nWe’re now able to see the Windows login and password and save those details for completing the RDP connection.\n\n#### **Complete the RDP connection to the RDS Custom for SQL Server instance**\n\nNow that we have downloaded the remote desktop file and retrieved the Windows password, complete the following steps to complete the RDP connection to the RDS Custom for SQL Server instance:\n\n1. Copy the remote desktop file to the EC2 instance (```ec2-windows-test-node```).\n2. Open the remote desktop file.\n3. Enter the password that you retrieved and saved earlier.\n\nAfter you complete the RDP connection, you can access the OS file system as shown in the following screenshot and perform standard activities on the instance.\n\n\n\n### **Clean up resources**\nIf you no longer require this setup and want to avoid future charges, you can delete the resources that you created as part of this setup (namely, the RDS Custom for SQL Server and Windows EC2 instances). To delete all other resources that were launched as part of the CloudFormation stack, go to the Amazon Web Services CloudFormation console, select the stack, and choose **Delete**.\n\n### **Summary**\nIn this post, we explained how to launch [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server using a CloudFormation template and EC2 instance with a Windows AMI. We performed an RDP connection to the EC2 Windows instance, and from there we connected to [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server using SSMS. Additionally, we made an RDP connection to the RDS Custom for SQL Server instance from the EC2 Windows instance and check the OS file system.\n\nTry out the solution and if you have any comments or questions, leave them in the comments section.\n\n#### **About the authors**\n\n\n\n**Srikanth Katakam** is a Senior Database Engineer at Amazon Web Services. He works on the RDS team, focusing on commercial database engines, RDS Custom and SQL Server. He enjoys working on technical challenges in [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) and is passionate about learning from and sharing knowledge with his teammates and Amazon Web Services customers.\n\n\n\n**Anand Sankar Bhagavandas** is a Senior Software Development Engineer at Amazon Web Services. He works on the design and development of key features in RDS and RDS Custom for SQL Server.","render":"<p><a href=\\"https://aws.amazon.com/rds/custom/\\" target=\\"_blank\\">Amazon Relational Database Service (Amazon RDS) Custom</a> is a managed database service for legacy, custom, and packaged applications that require access to the underlying operating system and database (DB) environment. <a href=\\"https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/working-with-custom-sqlserver.html\\" target=\\"_blank\\">Amazon RDS Custom for SQL Server</a> automates setup, operation, and scaling of databases in the cloud, while granting access to the database and underlying operating system to configure settings, install drivers, and enable native features to meet the dependent application’s requirements.</p>\\n<p>In this post, we explain how to launch an RDS Custom for SQL Server instance using a predefined Amazon Web Services CloudFormation <a href=\\"https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-guide.html\\" target=\\"_blank\\">templat</a>e that creates the required network setup (<a href=\\"http://aws.amazon.com/vpc\\" target=\\"_blank\\">Amazon Virtual Private Cloud</a> ([Amazon VPC](https://aws.amazon.com/cn/vpc/?trk=cndc-detail)), subnets, security groups, and so on), <a href=\\"http://aws.amazon.com/iam\\" target=\\"_blank\\">Amazon Web Services Identity and Access Management</a> (IAM) <a href=\\"https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-iam-instance-profile.html\\" target=\\"_blank\\">profile</a>, <a href=\\"http://aws.amazon.com/kms\\" target=\\"_blank\\">Amazon Web Services Key Management Service</a> (Amazon Web Services KMS) keys, and more. We also launch <a href=\\"https://aws.amazon.com/ec2/\\" target=\\"_blank\\">Amazon Elastic Compute Cloud</a> (Amazon EC2) with a Windows operating system (OS) <a href=\\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html\\" target=\\"_blank\\">Amazon Machine Image</a> (AMI) and then use that to connect an RDS Custom for SQL Server instance.</p>\\n<h3><a id=\\"Prerequisites_4\\"></a><strong>Prerequisites</strong></h3>\\n<p>Before we begin, we assume that you meet the following prerequisites:</p>\n<ul>\\n<li>Basic knowledge of CloudFormation templates</li>\n<li>Understanding of <a href=\\"https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-sqlserver.html\\" target=\\"_blank\\">environment setup for Amazon RDS Custom for SQL Server</a></li>\\n</ul>\n<p>For more details, refer to <a href=\\"https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating-sqlserver.html\\" target=\\"_blank\\">Creating and connecting to a DB instance for Amazon RDS Custom for SQL Server.</a></p>\\n<p>This solution involves the creation and utilization of new Amazon Web Services resources. Therefore, it will incur costs on your account. Refer to <a href=\\"https://aws.amazon.com/pricing/\\" target=\\"_blank\\">Amazon Web Services Pricing</a> for more information.</p>\\n<p>We strongly recommend that you set up this in a non-production instance and run the end-to-end validations before you implement this solution in a production environment.</p>\n<h3><a id=\\"Solution_overview_17\\"></a><strong>Solution overview</strong></h3>\\n<p>At a high level, we perform the following steps:</p>\n<ol>\\n<li>Create Amazon Web Services resources using a CloudFormation template</li>\n<li>Create an RDS Custom for SQL Server instance using Amazon Web Services console</li>\n<li>Create an EC2 instance with a Windows OS AMI</li>\n<li>Use <a href=\\"https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-ver16\\" target=\\"_blank\\">SQL Server Management Studio</a> (SSMS) to connect to [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) Custom for SQL Server from the Windows EC2 instance</li>\\n<li>Configure the <a href=\\"https://docs.microsoft.com/en-us/troubleshoot/windows-server/remote/understanding-remote-desktop-protocol\\" target=\\"_blank\\">Remote Desktop Protocol</a> (RDP) connection to the RDS Custom for SQL Server instance from the Windows EC2 instance</li>\\n</ol>\n<p>For this post, we use the us-west-2 Amazon Web Services Region for all setup steps.</p>\n<h3><a id=\\"Create_Amazon_Web_Services_resources_using_a_CloudFormation_template_29\\"></a><strong>Create Amazon Web Services resources using a CloudFormation template</strong></h3>\\n<p>The following steps explain how to create Amazon Web Services resources using a CloudFormation template:</p>\n<ol>\\n<li>Save the file <a href=\\"https://aws-blogs-artifacts-public.s3.amazonaws.com/artifacts/DBBLOG-2413/cfn_rds_custom_sqlserver_nw_setup_v1.json\\" target=\\"_blank\\">json</a> to your computer</li>\\n<li>On the Amazon Web Services CloudFormation console, choose <strong>Create stack</strong></li>\\n<li>Select <strong>With new resources (standard)</strong></li>\\n<li>Select <strong>Template is ready</strong></li>\\n<li>For <strong>Template source</strong>, choose <strong>Upload a template file</strong></li>\\n<li>For <strong>Choose file</strong>, locate and choose the file that you downloaded earlier</li>\\n<li>Choose <strong>Next</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/1332b1c62ba14d13aecd03fc7ef06378_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"8\\">\\n<li>For <strong>Stack name</strong>, enter a name. In this example, we use the name <code>rds-custom-sqlserver</code></li>\\n<li>In the <strong>Parameters</strong> section, either keep the default parameter values or specify the appropriate values as needed</li>\\n</ol>\n<p>The following table summarizes the parameters for our stack creation.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/5a3f05d7ebec48eba54770b1e5f55b6e_image.png\\" alt=\\"image.png\\" /></p>\n<p>The parameter <strong>IPV4 CDR Block of your source</strong> is the public IP address of the instance (where you’re going to connect (RDP) from your EC2 Windows instance). For this post, we’re using Windows desktop; it has the public IP address 101.102.103.104, and we make an RDP connection to the Windows EC2 instance from this Windows desktop. If you don’t specify this value, the RDP connection to the EC2 instance isn’t configured, but you can set this up manually at a later point.</p>\\n<p>The parameter <strong>Setup RDP access to RDS Custom SQL Server Instance (private subnets) ?</strong> let’s you enable the RDP connection from the EC2 instance to the RDS Custom for SQL Server instance.</p>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/58bfd48b921245b4a43e1c84fc08199b_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"10\\">\\n<li>Choose <strong>Next</strong></li>\\n<li>On the <strong>Configure stack options</strong> page, choose <strong>Next</strong></li>\\n<li>On the <strong>Review</strong> page, for <strong>Capabilities</strong>, select <strong>I acknowledge that Amazon Web Services CloudFormation might create IAM resources with custom names</strong></li>\\n<li>Choose <strong>Create stack</strong><br />\\nThe stack creation process might take approximately 10 minutes.</li>\n<li>When the stack creation is complete, navigate to the stack (<code>rds-custom-sqlserver</code>) and choose the <strong>Resources</strong> tab to review all the resources that were created as part of this CloudFormation template.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/736add993d334f068a632f892c2c3813_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"15\\">\\n<li>On the <strong>Outputs</strong> tab, note the details</li>\\n</ol>\n<p>The following table summarizes our sample stack creation outputs.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/abce006b96d24e7580f96782862bc1e5_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Create_your_RDS_Custom_for_SQL_Server_instance_71\\"></a><strong>Create your RDS Custom for SQL Server instance</strong></h3>\\n<p>When the CloudFormation stack creation is complete, we launch an RDS Custom for SQL Server instance. This can be done using Amazon Web Services CLI or Amazon Web Services Console.</p>\n<p>To create your RDS Custom for SQL Server DB instance using Amazon Web Services console, complete the following steps:</p>\n<ol>\\n<li>On the Amazon RDS console, in the navigation pane, choose <strong>Databases</strong>.</li>\\n<li>Choose <strong>Create database</strong> and select <strong>Standard create</strong>.</li>\\n<li>For <strong>Engine options</strong>, choose <strong>Microsoft SQL Server</strong> for the engine type.</li>\\n<li>For <strong>Database management type</strong>, choose <strong>Amazon RDS Custom</strong>.</li>\\n<li>In the <strong>Edition</strong> section, choose the DB engine edition that you want to use. In this example, we choose <strong>SQL Server Web Edition</strong>.</li>\\n<li>For <strong>Database version</strong>, choose your database version. For this post, we choose the default SQL Server 2019 engine available version.</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/e6bcdeb6b0d44d27925f56b0d7caa8c9_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"7\\">\\n<li>In the <strong>Settings</strong> section, for <strong>DB instance identifier</strong>, enter a unique name. In this example, we use the name <code>test-rds-custom-sqlserver</code>.</li>\\n<li>In the <strong>Credential Settings</strong> section, enter the primary user name and password, and choose <strong>Confirm password</strong>.</li>\\n<li>In the <strong>Instance configuration</strong> section, choose a value for <strong>DB instance class</strong>.</li>\\n<li>In the <strong>Storage</strong> section, specify your values for <strong>Storage Type</strong>, <strong>Allocated Storage</strong>, and <strong>Provisioned IOPS</strong>. In this example, we specify <strong>Storage type</strong> as io1, <strong>Allocated storage</strong> as 100, and <strong>Provisioned IOPS</strong> as 3000.</li>\\n<li>In the <strong>Connectivity</strong> section, specify the VPC, subnet group, and security groups details, using the output values from our stack creation. For this post, we enter the following:<br />\\na. <strong>VPC</strong> – <code>rds-custom-sqlserver-vpc</code><br />\\nb. <strong>RDSCustomDBSubnetGroup</strong> – <code>rds-custom-sqlserver-db-subnet-group</code><br />\\nc. <strong>Public access</strong> – No<br />\\nd. RDSCustomSecurityGroup – <code>rds-custom-sqlserver-rds-custom-instance-sg</code>(the default security group is auto selected; we remove that and add the actual security group (<code>RDSCustomSecurityGroup</code>) that was created as part of stack creation)<br />\\ne. <strong>Port</strong> – 1433</li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/a0f2d8c811e44b1caa8b011d519e4512_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"12\\">\\n<li>In the <strong>RDS Custom security</strong> section, specify the IAM instance profile and KMS key, using the output values from our stack creation. For this post, we enter the following:<br />\\na. <strong>RDSCustomIAMInstanceProfile</strong> – <code>AWSRDSCustom-rds-custom-sqlserver-us-west-2</code><br />\\nb. <strong>RDSCustomKMSKey</strong> – <code>rds-custom-sqlserver-kms-key</code></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/7a8064f5ffd741b8974cc181e83ebc53_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"13\\">\\n<li>For <strong>RDS Custom Database Automation</strong>, select <strong>Full Automation</strong>.</li>\\n<li>Choose <strong>Create database</strong>.</li>\\n</ol>\n<h3><a id=\\"Create_an_Amazon_EC2_AMI_with_Windows_108\\"></a><strong>Create an Amazon EC2 AMI with Windows</strong></h3>\\n<p>To launch an EC2 instance with a Windows OS AMI, complete the following steps. For this post, we use the new Amazon EC2 console.</p>\n<ol>\\n<li>On the Amazon EC2 console, choose <strong>Launch an instance</strong>.</li>\\n<li>Enter a name (for this post, we use <code>ec2-windows-test-node</code>).</li>\\n<li><strong>For Application and OS Image (AMI)</strong> section, search for your Windows AMI. For this example, we choose <strong>Microsoft SQL Server 2019 Express on Windows Server 2019</strong>.<br />\\nYou can choose any Windows OS AMI that is compatible and install the SSMS tool on top of it.</li>\n<li>For <strong>Instance type</strong>¸ choose your instance type (for this post, we use t2.small).</li>\\n<li>For <strong>Key pair name</strong>¸ you can choose the key pair you created or create a new one. For this post, we use the existing key pair <code>rds-custom-keys</code>.</li>\\n<li>In the <strong>Network Settings</strong> section:</li>\\n<li>For <strong>Network Settings</strong>,<br />\\na. Specify the VPC, subnet, and security group details.<br />\\nb. For <strong>Auto-assign public IP</strong>, choose <strong>Enable</strong>.<br />\\nc. Enter the output values from our stack creation. For this post, we enter the following:</li>\n</ol>\\n<ul>\\n<li><strong>VPC</strong> – <code>rds-custom-sqlserver-vpc</code></li>\\n<li><strong>EC2InstancePublicSubnet</strong> – <code>rds-custom-sqlserver-public-subnet-1</code></li>\\n<li><strong>EC2InstanceSecurityGroup</strong> – <code>rds-custom-sqlserver-ec2-instance-sg</code></li>\\n</ul>\n<p><img src=\\"https://dev-media.amazoncloud.cn/900741f0eeb8413abf143633b896de1f_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"8\\">\\n<li>In the <strong>Configure storage</strong> section, specify the root storage size and volume type.For this example, we use GP2 with 50 GiB storage size</li>\\n<li>Choose <strong>Launch instance</strong></li>\\n</ol>\n<h3><a id=\\"Use_SSMS_to_connect_to_Amazon_RDS_Custom_for_SQL_Server_from_a_Windows_EC2_instance_132\\"></a><strong>Use SSMS to connect to Amazon RDS Custom for SQL Server from a Windows EC2 instance</strong></h3>\\n<p>After we create the RDS Custom for SQL Server instance and Windows EC2 instance, we make the RDP connection to the Windows EC2 instance, and from there we connect to the RDS Custom for SQL Server instance using SSMS.</p>\n<p>If you didn’t specify the parameter <strong>IPv4 CIDR block of your source</strong> as part of the initial stack creation, the RDP connection to the EC2 instance isn’t configured. If required, you can perform those steps manually.</p>\\n<p>Complete the following steps to configure an SSMS connection to Amazon RDS Custom for SQL Server from a Windows EC2 instance:</p>\n<ol>\\n<li>On the Amazon EC2 console, search for the underlying EC2 instance of the RDS Custom for SQL Server instance<br />\\nThis EC2 instance is created with the naming standard <code>do-not-delete-&lt;rds-custom-sqlserver-instance-name&gt;</code>. In our example, the instance name is <code>do-not-delete-test-rds-custom-sqlserver</code>.</li>\\n<li>Select the instance and choose <strong>Connect</strong></li>\\n<li>Choose <strong>Get password</strong></li>\\n<li>Specify the key pair and choose the decrypted password</li>\n<li>On the <strong>RDS client</strong> tab, choose <strong>Download remote desktop file</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/2fa499870178452f91e7e64f9610c3ba_image.png\\" alt=\\"image.png\\" /></p>\n<p>In this example, we make an RDP connection from a Windows desktop host (101.102.103.104) by using the downloaded remote desktop file and decrypted password.<br />\\n6. When you’re on the Windows EC2 instance, in the search window, search for SSMS, choose <strong>Connect</strong>, and <strong>Database Engine</strong><br />\\n7. For <strong>Server name</strong>, enter the RDS Custom for SQL Server endpoint, login, and password details that were specified when you created the RDS Custom for SQL Server instance<br />\\n8. Choose <strong>Connect</strong></p>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/50bac2c9c0c24fb5bb1a5e91f52bc305_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Configure_the_RDP_connection_to_the_RDS_Custom_for_SQL_Server_instance_from_a_Windows_EC2_instance_156\\"></a><strong>Configure the RDP connection to the RDS Custom for SQL Server instance from a Windows EC2 instance</strong></h3>\\n<p>We now complete the steps to configure the RDP connection to Amazon RDS Custom for SQL Server from a Windows EC2 instance.</p>\n<h4><a id=\\"Set_the_firewall_rules_for_the_underlying_EC2_instance_of_Amazon_RDS_Custom_for_SQL_Server_160\\"></a><strong>Set the firewall rules for the underlying EC2 instance of Amazon RDS Custom for SQL Server</strong></h4>\\n<p>Complete the following steps to set up Windows firewall to allow the RDP connection:</p>\n<ol>\\n<li>On the Amazon EC2 console, search for the underlying EC2 instance of the RDS Custom for SQL Server instance<br />\\nThis EC2 instance is created with the naming standard . In our example, the instance name is .<code>do-not-delete-&lt;rds-custom-sqlserver-instance-name&gt;do-not-delete-test-rds-custom-sqlserver</code></li>\\n<li>Select this instance and choose <strong>Connect</strong></li>\\n<li>On the Session Manager tab, choose <strong>Connect</strong></li>\\n</ol>\n<p><img src=\\"https://dev-media.amazoncloud.cn/e40556c842704fa69401006ce6a6c5ba_image.png\\" alt=\\"image.png\\" /></p>\n<p>A separate Session Manager window opens.<br />\\n4. Run the following command to set up a firewall rule to allow the RDP connection：</p>\n<pre><code class=\\"lang-\\">Set-NetFirewallRule -DisplayName &quot;Remote Desktop - User Mode (TCP-In)&quot; -Direction Inbound -LocalAddress Any -Profile Any\\n</code></pre>\\n<h4><a id=\\"Retrieve_the_secret_key_and_download_the_remote_desktop_file_177\\"></a><strong>Retrieve the secret key and download the remote desktop file</strong></h4>\\n<p>To create an RDP connection, we need the remote desktop file and Windows login password.</p>\n<p>To get the Windows password, we have to provide the key pair. Complete the following steps to get the key pair details to decrypt the password:</p>\n<ol>\\n<li>\\n<p>From the <strong>Connect to Instance</strong> interface, choose the RDP client.</p>\\n</li>\n<li>\\n<p>Download the remote desktop file.</p>\n</li>\\n<li>\\n<p>Choose <strong>Get password</strong>.</p>\\n</li>\n<li>\\n<p>Copy the key pair associated with this instance, key pair name starts with<code>do-not-delete</code>as shown in the following figure.</p>\\n</li>\n<li>\\n<p>On the <a href=\\"https://aws.amazon.com/secrets-manager/\\" target=\\"_blank\\">Amazon Web Services Secrets Manager</a> console, search for this key pair name.</p>\\n</li>\n<li>\\n<p>Select the key and choose <strong>Retrieve secret value</strong> to display the content of the RSA private key.</p>\\n</li>\n</ol>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/3cc55c7e81b547cc8d584491a2cc710a_image.png\\" alt=\\"image.png\\" /></p>\n<ol start=\\"7\\">\\n<li>Copy the entire plain text of the secret value, and paste this content into the <strong>Get Windows password</strong> section, as shown in earlier image.</li>\\n<li>Choose <strong>Decrypt password</strong>.</li>\\n</ol>\n<p>We’re now able to see the Windows login and password and save those details for completing the RDP connection.</p>\n<h4><a id=\\"Complete_the_RDP_connection_to_the_RDS_Custom_for_SQL_Server_instance_199\\"></a><strong>Complete the RDP connection to the RDS Custom for SQL Server instance</strong></h4>\\n<p>Now that we have downloaded the remote desktop file and retrieved the Windows password, complete the following steps to complete the RDP connection to the RDS Custom for SQL Server instance:</p>\n<ol>\\n<li>Copy the remote desktop file to the EC2 instance (<code>ec2-windows-test-node</code>).</li>\\n<li>Open the remote desktop file.</li>\n<li>Enter the password that you retrieved and saved earlier.</li>\n</ol>\\n<p>After you complete the RDP connection, you can access the OS file system as shown in the following screenshot and perform standard activities on the instance.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/f5404e2e30534ab49d91778e7464f6f5_image.png\\" alt=\\"image.png\\" /></p>\n<h3><a id=\\"Clean_up_resources_211\\"></a><strong>Clean up resources</strong></h3>\\n<p>If you no longer require this setup and want to avoid future charges, you can delete the resources that you created as part of this setup (namely, the RDS Custom for SQL Server and Windows EC2 instances). To delete all other resources that were launched as part of the CloudFormation stack, go to the Amazon Web Services CloudFormation console, select the stack, and choose <strong>Delete</strong>.</p>\\n<h3><a id=\\"Summary_214\\"></a><strong>Summary</strong></h3>\\n<p>In this post, we explained how to launch Amazon RDS Custom for SQL Server using a CloudFormation template and EC2 instance with a Windows AMI. We performed an RDP connection to the EC2 Windows instance, and from there we connected to Amazon RDS Custom for SQL Server using SSMS. Additionally, we made an RDP connection to the RDS Custom for SQL Server instance from the EC2 Windows instance and check the OS file system.</p>\n<p>Try out the solution and if you have any comments or questions, leave them in the comments section.</p>\n<h4><a id=\\"About_the_authors_219\\"></a><strong>About the authors</strong></h4>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/ee9aff5bceba467ead55da8f80f3c889_image.png\\" alt=\\"image.png\\" /></p>\n<p><strong>Srikanth Katakam</strong> is a Senior Database Engineer at Amazon Web Services. He works on the RDS team, focusing on commercial database engines, RDS Custom and SQL Server. He enjoys working on technical challenges in [Amazon RDS](https://aws.amazon.com/cn/rds/?trk=cndc-detail) and is passionate about learning from and sharing knowledge with his teammates and Amazon Web Services customers.</p>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/856e48a3dd5b4e39bac725a06da0b40a_image.png\\" alt=\\"image.png\\" /></p>\n<p><strong>Anand Sankar Bhagavandas</strong> is a Senior Software Development Engineer at Amazon Web Services. He works on the design and development of key features in RDS and RDS Custom for SQL Server.</p>\n"}