How can I connect Google Data Studio to an Private AWS RDS Postgres instance?


I am having a problem connecting AWS (Amazon Web Services) RDS (Relational Database Service) PostgreSQL instance with Google Data Studio. My RDS is a private DB, when I try to connect my RDS with GDS it's asking for: Server certificate, Client certificate, Client private key. Normally i connect my rds through ec2 which is in public subnet that acts as a Jump server for rds. But in GDS PostgreSQL connector i don't find any mechanism like that. How can i connect my Private RDS to GDS?

2 Answers

Hello, I see that you are trying to use GDS with your RDS instance. You have mentioned that you instance is private and when you try connecting with GDS it asks it asks for server and client certificates and as well as a client private key. However it seems that RDS does not allow customers to upload nor configure their own certificates. With that being said RDS maintains its own certificates on the hosts. Customers who would like to use SSL must download the RDS specific regional root certificates[1], which is mentioned in the documentation[2]. Note that if your application does accept certificate chains, you can may use a root certificate that works for all regions[1]. However you can connect with your instance publicly or privately accessible using the google 3rd party partner connectors like 2minute Report which you can use for select queries because you can use the SSH option to connect. AWS RDS is a managed service and only needs RDS specific SSL certificates provided in the documentation the issue you face is direct at GDS configurations which requests you to provide an additional SSL certificate and private key. Currently there are no clear directions by Google on how to connect to Amazon RDS database instances from Google Data Studio, with SSL enabled but I have found a helping method to do so[3].I have also found the thread[4] that is present on the Google support community that mentions that it is not possible to connect to the RDS instance through SSL. You can refer the same thread for your reference. However, you may still use Google Data Studio to connect to your RDS/Aurora without SSL if your use case permits. Due to this in a private subnet, I found these IP's from Google's documentation that you need to have mentioned in the security group[5]. Once you have these changes, attempt to do the connection. Google IPs:

References: [1]





answered 2 years ago
  • Hello @Antonio. I am glad at last someone respond. I read out your comments & i appreciate it. But problem is , the solution you provide i already test it, & this solution is for public DB not for private. As my RDS is in private subnet, it's not possible to figure it out by GDS. In that case how can i connect it? One of my team mate said to use open vpn, but in GDS i cant figure it out how to install/configure vpn on GDS?

  • We are also in the exact same situation. @rePost-User-9120760, did you ever come up with a solution? Our RDS is on private subnets, but need to grant access to Google Looker Studio.


I'm not sure, but you can try Skyvia as an alternative solution. It is a no-code cloud ETL tool.

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions