Custom RDS Resource Security Group

Just a quick question if I want to have more control over a resource and I manually create an RDS resource. If I want to keep the same security as if I created the resouce in my convox.yml should I do these two things:

  • Create resource in same VPC
  • Use the InstancesSecurity group as my Security Group so that it is only available to my rack instances

Anything else I might be missing or doing wrong?