Retool connects to most databases, including Postgres, MySQL, MS SQL, and MongoDB. Here's a list of all the currently supported data sources.
To add a database, log into https://login.retool.com/ and navigate to Resources from the top navigation bar.
Once on the Resources page click the Create New button in the upper right corner to open the "Connect a resource" flow and select your database type.
Next, choose a name for your resource. This is the name that appears for your database inside of Retool and what will be visible to editors when making queries.
Add Retool's IP Addresses to your allowlist
For most databases, you'll need to add our IP addresses to your allowlist:
For AWS, you will need to allow the above IPs in your network security group, and also enable Publicly accessible on your RDS instance. Publicly accessible means that if you add the IP address to your allowlist, Retool will be able to connect to your database. The connection is secure. As long as you do not add arbitrary IP addresses, other IP addresses are not able to connect to your database.
Note: this only applies to cloud customers. For an on-premise setup, you need to add the IP address you set up for your Retool app to your allowlist.
The information required for connecting your database may vary, depending on the type of database you select.
Enter the host and port for your database:
Next, enter the name of the database you want to access and a username and password. User credentials must have read permissions to work in Retool, but write permissions are optional.
If your database requires SSL connections, check the Connect using SSL checkbox.
Click Create resource to save your database. Your database is now available as a resource to be used in your Retool apps.
It's sometimes preferable to restrict a SQL resource to only use GUI mode in the query editor. This can be particularly useful if you don't want users to run raw SQL write operations.
To enable this, check the “show write GUI mode only” option on the resource configuration page. Note that your database user credentials still need to have both read and write permissions, even if (this setting is enabled.) See Writing to SQL for more information on the GUI mode.
As a complement, you can create an entirely separate resource for the same database, but with a database user that has only read permissions. Without write permissions, only the SQL mode will be enabled in the query editor. This protects the resource user from writing any destructive SQL statements, like
Using an SSH Tunnel is available, if needed. See more info about SSH tunneling.
Updated 4 months ago