It appears that your configuration is:
- One VPC
- A Public Subnet containing an Amazon EC2 instance
- A Private Subnet containing an Amazon RDS for SQL Server instance
- You are attempting to connect from the EC2 instance to the RDS db instance
For this to work, you should configure:
- A Security Group (let's call it `EC2-SG`) that is associated with the EC2 instance, permitting connections such that you can log in to the EC2 instance
- A Security Group (`RDS-SG`) associated with the RDS db instance, with an incoming connection configured for SQL Server (port 1433) with source set to EC2-SG
That is, the database security group should ALLOW an incoming connection with a source of the security group that is associated with the EC2 instance. The VPC will automatically figure out the IP addresses — you do not need to specify them.
Then, connect from the EC2 instance to the RDS db instance via the DNS Name of the RDS instance that is given in the RDS console.
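
A way to check the rule described above, added here as an example and not part of the original answer: it reads security group data in the shape returned by `aws ec2 describe-security-groups` and confirms that `RDS-SG` admits port 1433 only from `EC2-SG`, flagging any CIDR-based or extra group source. The group IDs, the sample rules and the function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs and the SSH source address are placeholders, not values from the post.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa-EXAMPLE-EC2", "GroupName": "EC2-SG", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "UserIdGroupPairs": []}]},
  {"GroupId": "sg-0bbb-EXAMPLE-RDS", "GroupName": "RDS-SG", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0aaa-EXAMPLE-EC2"}]}]}
]}
""")

def covers_port(rule, port):
    """True if an ingress rule applies to the given TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":          # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def audit_db_ingress(groups, db_sg_name, app_sg_name, port=1433):
    """Return (allowed, findings) for traffic from app_sg to db_sg on port."""
    by_name = {g["GroupName"]: g for g in groups["SecurityGroups"]}
    db, app_id = by_name[db_sg_name], by_name[app_sg_name]["GroupId"]
    allowed, findings = False, []
    for rule in db.get("IpPermissions", []):
        if not covers_port(rule, port):
            continue
        # Group-sourced rules: the expected one references the EC2 group's ID.
        for pair in rule.get("UserIdGroupPairs", []):
            if pair["GroupId"] == app_id:
                allowed = True
            else:
                findings.append(f"port {port} also open to group {pair['GroupId']}")
        # Address-sourced rules are wider than the group reference requires.
        for rng in rule.get("IpRanges", []) + rule.get("Ipv6Ranges", []):
            cidr = rng.get("CidrIp") or rng.get("CidrIpv6")
            findings.append(f"port {port} open to CIDR {cidr} instead of a group")
    if not allowed:
        findings.append(f"{db_sg_name} has no port {port} rule sourced from {app_sg_name}")
    return allowed, findings

if __name__ == "__main__":
    print(audit_db_ingress(SAMPLE, "RDS-SG", "EC2-SG"))
```

An `allowed` value of `True` with an empty findings list means the database group matches the configuration described above.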