
For better security, I need a different IP for my database/SSH access from the public IP address my users know.

As I understand it, it's only possible to bind a single Elastic IP to one EC2 instance, and the private IPs are only accessible from other EC2 instances, not from the public.

How can I approach that?

1 Answer

Your database shouldn't be open to any public IPs. If you're at all concerned about security, access it solely through an SSH tunnel to the instance.

For SSH, a better bet is using AWS's security groups to limit port 22 to just your current IP address. This ensures that even if someone knows the IP of your instance, they can't connect to even start attempting to brute force things.

As an additional security measure, ensure password-based authentication is off and connect only using SSH keys.

If you're still really paranoid, sit an Elastic Load Balancer in front of your instance. Users will see the load balancer's IP rather than the actual instance IP.

ceejayoz
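One way to check security group rules against the advice in this answer, as an added example that is not part of the original answer: it flags any rule that opens port 22 to anything other than your own address, or that exposes the database port outside the VPC. The sample data is constructed in the shape of `aws ec2 describe-security-groups` output; the group IDs, the addresses, the MySQL port 3306 and the `vpc_cidr` allowance are assumptions.

```python
import ipaddress

ADMIN_PORTS = {22: "ssh", 3306: "database"}  # assumption: MySQL's default port

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 3400,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]},
    {"GroupId": "sg-admin-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}]}]},
    {"GroupId": "sg-any-example", "IpPermissions": [
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]}

def covers(perm, port):
    """True if the rule applies to this TCP port; "-1" means every protocol and port."""
    if perm.get("IpProtocol") == "-1":
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit(groups, my_ip, vpc_cidr):
    """Return (group_id, service, cidr) for each rule that breaks the advice above."""
    mine = ipaddress.ip_network(my_ip)          # a bare address becomes a /32
    vpc = ipaddress.ip_network(vpc_cidr)        # assumption: in-VPC sources are acceptable
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for port, service in ADMIN_PORTS.items():
                if not covers(perm, port):
                    continue
                for cidr in cidrs:
                    net = ipaddress.ip_network(cidr, strict=False)
                    if service == "ssh":
                        ok = net == mine        # port 22: only the admin's own address
                    else:                       # database: only from inside the VPC
                        ok = net.version == vpc.version and net.subnet_of(vpc)
                    if not ok:
                        findings.append((sg["GroupId"], service, cidr))
    return findings
```

Calling `audit(SAMPLE, "203.0.113.7", "10.0.0.0/16")` reports the world-open port 22 rule, the port range that silently includes 3306, and both services under the all-protocol IPv6 rule.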