This cannot be done using IP. First, allow VPC access for the Lambda function, and if it needs an internet connection, for that create a subnet within the VPC with a NAT gateway. Then assign it to the Security Group. Finally, in the Security Group assigned to the RDS instance, you will have to enable for the Security Group assigned for the Lambda function.