Amazon Aurora
Connect Amazon Aurora PostgreSQL or MySQL with a connection string over TLS.
Reads tables from an Amazon Aurora cluster. Aurora is PostgreSQL- and MySQL-compatible, so it connects exactly like a self-hosted database. Use the cluster's writer (or reader) endpoint as the host. Flitch only issues read queries, so it can never write to your database.
Add a source
Aurora comes in two editions. Pick the tile that matches yours: Aurora Postgres or Aurora MySQL.
Prerequisites
- An Aurora cluster with its security group allowing Flitch's connector egress IP on the database port.
- A user with read access to the tables you want.
Create a read-only user
CREATE USER flitch_readonly WITH PASSWORD 'choose-a-strong-password';
GRANT CONNECT ON DATABASE mydb TO flitch_readonly;
GRANT USAGE ON SCHEMA public TO flitch_readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO flitch_readonly;Build the connection string
Copy the cluster's writer endpoint from the RDS console (Databases → your cluster → Connectivity & security).
postgresql://flitch_readonly:password@mycluster.cluster-abc123.us-east-1.rds.amazonaws.com:5432/mydb?sslmode=requireOpen the form
Go to Data → Add → Aurora Postgres, paste the connection string, then pick datasets.
Create a read-only user
CREATE USER 'flitch_readonly'@'%' IDENTIFIED BY 'choose-a-strong-password';
GRANT SELECT ON mydb.* TO 'flitch_readonly'@'%';
FLUSH PRIVILEGES;Build the connection string
mysql://flitch_readonly:password@mycluster.cluster-abc123.us-east-1.rds.amazonaws.com:3306/mydb?ssl-mode=REQUIREDOpen the form
Go to Data → Add → Aurora MySQL, paste the connection string, then pick datasets.
Network access
Flitch connects from its own server, not your browser. Add Flitch's connector egress IP (shown in the Add Source form) to the cluster's VPC security group on the database port, and make sure the cluster is reachable from Flitch.
Team-wide credential (optional)
A team admin can store one shared credential in Settings → Data connections; new connections then default to it, with no per-connection secret.
Refresh
Refresh is off by default. Enable it to schedule a background refresh and serve from cache between runs. See Refresh.
Troubleshooting
Connection timed out. The security group does not allow Flitch's egress IP, or the endpoint is not reachable. Add the egress IP on the database port.
Use the writer endpoint. Pointing at an instance endpoint that has failed over can break the connection; the cluster writer (or reader) endpoint follows failovers.
SSL required. Keep sslmode=require (Postgres) or ssl-mode=REQUIRED (MySQL); Aurora enforces TLS by default.