Give your AI coding assistant access to your private RDS database in a VPC. Use MCP, SSM tunnels, and VPC endpoints to securely connect Claude Code to PostgreSQL without exposing your database to the internet.

AWS Fundamentals offers foundational knowledge and resources for understanding Amazon Web Services (AWS) cloud computing services. From basic concepts like virtual servers and storage to advanced topics like serverless architecture and machine learning on AWS, readers can learn how to leverage the full potential of cloud computing for their applications and businesses.

AWS Fundamentals

A practical guide to connecting Claude Code (an AI coding assistant) to a private AWS RDS PostgreSQL database using MCP (Model Context Protocol), AWS Session Manager (SSM) tunnels, VPC endpoints, and a jumphost EC2 instance. The setup avoids exposing the database to the internet while giving the AI assistant live access to schema and data. The post covers deploying a CDK stack, seeding the database, configuring the MCP integration, and security considerations including read-only access and audit trails via CloudTrail.

Connect Claude Code to a Private RDS Database Using MCP and SSM Tunnels

The Networking Problem: RDS Lives in a Private Subnet

The Architecture: SSM Tunnel + VPC Endpoints + jumphost

Deploy the CDK Stack and Start the Tunnel