# Integrate Amazon RDS for SQL Server with Databox Amazon Relational Database Service (Amazon RDS) is a managed cloud database service from AWS that makes it easy to set up, operate, and scale relational databases without managing the underlying infrastructure. It supports multiple database engines including SQL Server, PostgreSQL, MySQL, MariaDB, and Oracle. Connecting Amazon RDS for SQL Server to Databox lets you pull data directly from your managed database, build datasets using SQL queries, and visualize business-critical figures alongside data from your other connected tools. This article covers connections using the **SQL Server engine**. If your RDS instance runs a different engine, use the corresponding Databox connector: PostgreSQL instances use the [PostgreSQL](/integrate-amazon-rds-for-postgresql-with-databox) connector, and MySQL instances use the [MySQL](/integrate-amazon-rds-for-mysql-with-databox) connector. The steps for configuring public access and security group rules in AWS are the same regardless of engine. ## Connection If you've already established a connection, you can [reuse](/add-a-data-source) it to add new data sources to your Databox account. ### Step 1: Create a read-only SQL Server login for Databox Databox only reads data from your database — it never writes to it. Create a dedicated SQL Server login with `SELECT`-only permissions on the database you want to connect. You can run these commands using a SQL Server client (such as SSMS or Azure Data Studio) connected to your RDS instance, or via the **Query Editor** in the AWS Management Console. ```sql CREATE LOGIN databox WITH PASSWORD = 'your_secure_password'; GO USE your_database; GO CREATE USER databox FOR LOGIN databox; GO GRANT SELECT ON SCHEMA::dbo TO databox; GO ``` Replace `your_database` with the name of the database you want to connect, and `your_secure_password` with a strong password. If you need to grant access to additional schemas, repeat the `GRANT SELECT ON SCHEMA` statement for each one. Avoid the following special characters in your password, as they can cause encoding issues when establishing the connection: ```, `'`, `"`, `/`, `\`, and spaces. ### Step 2: Enable public accessibility on your RDS instance By default, RDS instances are not accessible from outside their VPC. To allow Databox to reach your instance, it must be configured as publicly accessible. 1. In the [AWS Management Console](https://console.aws.amazon.com/rds/), go to **Databases** and select your DB instance. 2. Click **Modify**. 3. Under **Connectivity**, set **Public access** to **Yes**. 4. Click **Continue**, then choose when to apply the change (**Apply immediately** or during the next maintenance window). 5. Click **Modify DB instance** to save. For the instance to be reachable after enabling public access, its DB subnet group must be in a VPC subnet with an internet gateway attached. If connectivity still fails after enabling this setting, verify that a route to `0.0.0.0/0` via an internet gateway exists in the associated route table. ### Step 3: Add the Databox IP to your VPC security group RDS controls network access through VPC security groups. Add an inbound rule that permits TCP traffic on port `1433` from the Databox IP address. 1. In the [AWS Management Console](https://console.aws.amazon.com/rds/), go to **Databases** and select your DB instance. 2. Under **Connectivity & security**, click the link to the **VPC security group** associated with the instance. 3. Select the security group, then click **Edit inbound rules**. 4. Click **Add rule** and fill in: - **Type**: MS SQL - **Protocol**: TCP - **Port range**: 1433 - **Source**: Custom — enter `52.4.198.118/32` 5. Click **Save rules**. ### Step 4: Enter your RDS connection details in Databox 1. In Databox, go to **Data Sources > + New connection**. 2. Search for **Amazon RDS for SQL Server** and click **Connect**. 3. Fill in the connection form: - **Data source name** — a label for this connection in Databox. - **Server Name** — your RDS endpoint hostname, found on the instance's **Connectivity & security** tab in the AWS Console (e.g., `mydb.abc123.us-east-1.rds.amazonaws.com`). - **Port** — the port your RDS instance listens on. The default for SQL Server is `1433`. - **Username** — the SQL Server login name created in [Step 1](#step-1-create-a-read-only-sql-server-login-for-databox). - **Password** — the password for that login. - **Database name** (optional) — the specific database to connect to. Leave blank to connect at the server level. - **Timezone** — the time zone used to interpret date values in query results. Defaults to `Etc/UTC`. 4. Click **Connect**. connect ## Datasets The Amazon RDS for SQL Server integration supports the creation of [datasets](/understanding-datasets), which allow you to define and shape the specific data you want to use for reporting in Databox. Datasets make it easier to focus on the most relevant information, enabling you to filter, visualize, and analyze metrics across projects, teams, and clients without writing complex queries each time. ### Steps to create a dataset 1. **Select a table**: Pick the appropriate schema within that database. 2. **Select columns**: Browse and select the specific columns (fields) from your tables or views to include in your dataset. These columns define the structure and content of your dataset. ### Optional: Write SQL For more advanced use cases, you can write a **custom SQL query** instead of selecting columns manually. This allows you to: - Join multiple tables - Apply filters and aggregations - Format or transform data before importing it into Databox Your query must return a valid tabular result to be used as a dataset. ### Additional resources - [Amazon RDS documentation](https://docs.aws.amazon.com/rds/) — Official AWS docs for Amazon RDS, covering instance creation, connectivity, security, backups, multi-AZ deployments, read replicas, and monitoring. - [Amazon RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html) — SQL Server-specific guidance within the RDS User Guide, including supported versions, editions, parameter groups, and engine-specific features. ## Resources For comprehensive details on metrics, data availability, templates, specifications, usage guidelines, and other key information, refer to the resources listed below. No. Databox connects using standard database username and password credentials. IAM database authentication is not currently supported. Check the following in order: 1. **Public access** is set to **Yes** on the DB instance (under **Modify > Connectivity**). 2. The **VPC security group** has an inbound rule allowing TCP on port `1433` from `52.4.198.118/32`. 3. The subnet associated with the instance has a route to an internet gateway (`0.0.0.0/0`). 4. The SQL Server login was created at the server level and a corresponding user exists in the target database with `SELECT` permissions. In the AWS Management Console, go to **RDS > Databases**, select your instance, and open the **Connectivity & security** tab. The endpoint is listed under **Endpoint & port** and follows the format `identifier.xxxxxxxxxxxx.region.rds.amazonaws.com`. Copy this value into the **Host** field in Databox.   Ask Genie Get instant answers or help with your data using the in-app AI assistant. Talk to an expert For customers: Get help with your setup, strategy, or making the most of Databox. Book a demo New to Databox? See how it works and get guidance on getting started. Send an email Reach out to support for help with your account, data, or technical issues.