Will print out RDS DB Instance DB Identifiers with their ENI and Private IP. Will only work if one SG is used per RDS DB (EDIT: Updated to work for DB Clusters e.g. Aurora Serverless)

describe-rds-private-ips.py

import boto3

ec2_client = boto3.client('ec2')
rds_client = boto3.client('rds')

rdsNetworkInterfaces = ec2_client.describe_network_interfaces(
    Filters=[
        {
            'Name': 'attachment.instance-owner-id',
            'Values': [
                'amazon-rds',
            ]
        },
    ]
)

rdsDBInstances = rds_client.describe_db_instances()

for rds in rdsDBInstances['DBInstances']:
    for eni in rdsNetworkInterfaces['NetworkInterfaces']:
        vpcSecurityGroups = rds['VpcSecurityGroups']
        groups = eni['Groups']
        for vpcSecurityGroup in vpcSecurityGroups:
            for group in groups:
                if group['GroupId'] == vpcSecurityGroup['VpcSecurityGroupId']:
                    print(rds['DBInstanceIdentifier'] + ' ' + eni['NetworkInterfaceId'] + ' ' + eni['PrivateIpAddress'])

rdsNetworkInterfaces = ec2_client.describe_network_interfaces(
    Filters=[
        {
            'Name': 'attachment.instance-owner-id',
            'Values': [
                'amazon-aws'
            ]
        },
    ]
)

rdsDBClusters = rds_client.describe_db_clusters()

for rds in rdsDBClusters['DBClusters']:
    for eni in rdsNetworkInterfaces['NetworkInterfaces']:
        vpcSecurityGroups = rds['VpcSecurityGroups']
        groups = eni['Groups']
        for vpcSecurityGroup in vpcSecurityGroups:
            for group in groups:
                if group['GroupId'] == vpcSecurityGroup['VpcSecurityGroupId']:
                    print(rds['DBClusterIdentifier'] + ' ' + eni['NetworkInterfaceId'] + ' ' + eni['PrivateIpAddress'])

oh this is just all kinds of amazing, thank you!