How to Create a MySQL Database on AWS (Amazon Web Services)

Start replicating your data now
How to Create a MySQL Database on AWS (Amazon Web Services)

This article is part of our series designed to help you get started with analyzing data in the cloud. We recommend that you read our previous article on how to create an AWS account.

Setting Up a MySQL Database on AWS

To create your MySQL database on AWS, log in to your account and follow these steps:

1) Select Your Region. In the top-right menu, you have the option to choose the region where your database will be created. AWS regions determine the data center location and affect the hourly pricing. For example, setting up a database in São Paulo is significantly more expensive than in Virginia, though it offers lower latency. Since this article focuses on analytical databases (Data Warehouses and Data Lakes), a few microseconds of latency are acceptable, so we’ll be using the US East 1 (N. Virginia) region.

2) Search for “RDS” in the top search bar and select the RDS service.

3) On the main RDS page, click “Create database.”

4) On the database creation page, select “Standard Create” as the method.

5) In the next section, choose the type of database. Select “MySQL.”

6) In the following section, you can pick a setup template. AWS offers a free-tier option for new members, which helps reduce costs during the first few months.

7) Next, fill in some basic database details, such as the server identifier, master username, and password. This is straightforward, but make sure to save the master user password since it cannot be recovered later.

8) The instance configuration section will be pre-filled based on the free-tier template selected in step 6.

9) The storage settings will also be automatically configured for the free-tier, so there’s no need to change anything.

10) In the connectivity section, choose the VPC where your database will be created or create a new one. If your account is new, you can leave the default VPC selected. Here, adjust some settings to allow access from machines outside your network, like your data analysis and visualization tools (don’t worry, we’ll set up a firewall later). Set “Public Access” to “Yes.”

11) In the VPC security group section, select “Create new” and give your security group a name.

12) Once that’s configured, find the “Additional Configuration” section at the bottom of the page.

13) Give your database an initial name, like “kondado.”

14) Scroll down and click “Create database.”

15) After a few moments, you’ll be redirected to the page listing your databases, and you’ll see your new database being created. While this is happening, let’s set up the security rules by clicking on your database.

16) On your database page, find the “Security and Connection” section and click on your security group name.

17) In the security group screen, we’ll add rules specifying who can access your database: Find the “Inbound Rules” tab and click “Edit Inbound Rules.”

18) By default, your database is only accessible from one IP. If you want to keep this setting, you can skip to step 24.

19) To remove the original access rule, click “Delete” on the right side of the rule.

20) Click “Add Rule” to add new rules. You’ll need to add a separate rule for each IP address you want to grant access to.

21) When adding a new rule, make sure to select the correct port (3306 for MySQL) in the “Type” column.

22) Important rules to add include your own IP address (to allow access with tools like Power BI) and Kondado’s server IPs, which can be found by   clicking here

23) Once you’ve added all the IP addresses, click “Save Rules.”

24) Go back to the RDS console homepage, select “Databases” from the left menu, and click on your newly created database.

25) Your database is now set up! In the “Security and Connection” section, you’ll find your database’s host address. The username, password, and database name were configured in steps 7 and 13.

Adding Your New MySQL Database as a Destination in Kondado

 To learn how to add your newly created MySQL database as a destination in Kondado,  click here.

Create a MySQL Database on AWS for Analytics

Set up a MySQL database on AWS RDS optimized for analytical workloads, configure public access, and secure it with proper inbound rules for BI tools.

1
Select Region and Launch RDS

Log into AWS and choose US East 1 (N. Virginia) from the top-right region menu to minimize costs for analytical databases where slight latency is acceptable. Search for RDS in the top search bar and select the service.

2
Create MySQL Database Instance

Click Create database, choose Standard Create, select MySQL as the engine, and pick the Free tier template to reduce initial costs. Fill in the server identifier, master username, and password—save the password securely as it cannot be recovered.

3
Configure Connectivity for External Access

In the connectivity section, keep the default VPC and set Public Access to Yes to allow connections from external tools. Create a new VPC security group and name it descriptively for easy identification later.

4
Set Initial Database Name

Scroll to Additional Configuration and enter an initial database name such as kondado. Review all settings, then click Create database and wait for provisioning to complete.

5
Configure Security Group Inbound Rules

Click your database, navigate to Security and Connection, and open your security group. Edit Inbound Rules: remove the default single-IP rule if needed, then add rules for each IP address including your own and Kondado's server IPs. Use port 3306 (MySQL) for all rules.

6
Connect Database to Analytics Tools

Return to the RDS console, select your database, and copy the host address from the Security and Connection section. Use this with your username, password, and database name to connect BI tools. To integrate with a data pipeline platform, learn how to add your database as a destination for data integration.

Frequently asked questions

Why should I choose US East 1 (N. Virginia) instead of a closer region like São Paulo?
For analytical databases (Data Warehouses and Data Lakes), a few microseconds of latency are acceptable. US East 1 is significantly cheaper than São Paulo while still providing reliable performance for analytics workloads where extra-low latency is not required.
What happens if I lose the master password I created in step 7?
AWS does not allow recovery of the master user password. You must save it securely during creation. If lost, you would need to modify the database instance to reset the master password through the AWS console, which requires administrative access.
Why do I need to set Public Access to Yes for an analytics database?
Setting Public Access to Yes allows external tools — such as BI platforms and data visualization tools — to connect to your database. This is essential when your analytics stack runs outside your AWS VPC. Security is maintained through strict inbound firewall rules rather than network isolation alone.
Which port should I use when adding inbound rules for MySQL?
Always use port 3306 when configuring inbound rules for MySQL databases. This is the default and standard port for MySQL connections. Selecting the wrong port will prevent tools from establishing a connection even if the IP address is correctly whitelisted.
How do I find Kondado's server IPs to add to my security group?
The article references a link for Kondado's server IPs. For the most current IP ranges and detailed connection instructions, visit Kondado's destinations documentation, which covers how to securely connect your AWS MySQL database as a pipeline destination.
Can I use the free tier template for production analytics workloads?
The free tier is ideal for learning, development, and small initial workloads. For production analytics with larger datasets or multiple concurrent users, upgrade to a larger instance class and configure storage and compute resources based on your query patterns and data volume.
Written by·Published 2024-11-05·Updated 2026-04-26