diff --git a/README.md b/README.md
index be38531..34c0941 100644
--- a/README.md
+++ b/README.md
@@ -19,8 +19,8 @@ This reference platform defines a custom API for creating an EKS cluster
 ([XCluster](package/cluster/definition.yaml)) which includes the actual EKS
 cluster, a network fabric and Prometheus and other cluster services
 ([XServices](package/cluster/composition.yaml)). Additionally it defines a
-custom API for provisioning Postgres Databases
-([XPostgreSQLInstance](package/database/postgres/definition.yaml)).
+custom API for provisioning RDS Databases
+([XSQLInstance](package/database/sqlinstance/definition.yaml)).
 
 
 ```mermaid
@@ -28,7 +28,7 @@ graph LR;
     MyApp(My App)---MyCluster(XRC: my-cluster);
     MyCluster---XRD1(XRD: XCluster);
     MyApp---MyDB(XRC: my-db);
-    MyDB---XRD2(XRD: XPostgreSQLInstance);
+    MyDB---XRD2(XRD: XSQLInstance);
 		subgraph Configuration:upbound/platform-ref-aws;
 	    XRD1---Composition(XEKS, XNetwork, XServices);
 	    XRD2---Composition2(Composition);
@@ -162,6 +162,12 @@ Alternatively, you can use mariadb claim:
 kubectl apply -f examples/mariadb-claim.yaml
 ```
 
+Deploy sample application:
+
+```
+kubectl apply -f examples/ghost-claim.yaml
+```
+
 You can verify status by inspecting the claims, composites and managed
 resources:
 
diff --git a/examples/ghost-claim.yaml b/examples/ghost-claim.yaml
new file mode 100644
index 0000000..695ed8e
--- /dev/null
+++ b/examples/ghost-claim.yaml
@@ -0,0 +1,12 @@
+apiVersion: aws.platformref.upbound.io/v1alpha1
+kind: App
+metadata:
+  name: platform-ref-aws-ghost
+spec:
+  providerConfigRef:
+    name: platform-ref-aws
+  passwordSecretRef:
+    namespace: default
+    name: platform-ref-aws-db-conn-mariadb
+  writeConnectionSecretToRef:
+    name: platform-ref-aws-ghost-conn
diff --git a/package/app/composition.yaml b/package/app/composition.yaml
new file mode 100644
index 0000000..053ad21
--- /dev/null
+++ b/package/app/composition.yaml
@@ -0,0 +1,70 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: Composition
+metadata:
+  name: xapps.aws.platformref.upbound.io
+  labels:
+    provider: helm
+spec:
+  writeConnectionSecretsToNamespace: upbound-system
+  compositeTypeRef:
+    apiVersion: aws.platformref.upbound.io/v1alpha1
+    kind: XApp
+  resources:
+    - name: helmRelease
+      base:
+        apiVersion: helm.crossplane.io/v1beta1
+        kind: Release
+        spec:
+          rollbackLimit: 3
+          forProvider:
+            namespace: ghost
+            chart:
+              name: ghost
+              repository: https://charts.bitnami.com/bitnami
+              version: "19.1.38"
+            values:
+              persistence:
+                enabled: false
+              mysql:
+                enabled: false
+              externalDatabase:
+                database: upbound
+                port: 3306
+              ghostHost: upboundrocks.cloud
+              ghostBlogTitle: Upbound Rocks!
+            set:
+              - name: externalDatabase.host
+                valueFrom:
+                  secretKeyRef:
+                    key: host
+              - name: externalDatabase.user
+                valueFrom:
+                  secretKeyRef:
+                    key: username
+              - name: externalDatabase.password
+                valueFrom:
+                  secretKeyRef:
+                    key: password
+      patches:
+        # All Helm releases derive their labels and annotations from the XR.
+        - fromFieldPath: metadata.labels
+          toFieldPath: metadata.labels
+        - fromFieldPath: metadata.annotations
+          toFieldPath: metadata.annotations
+        # All Helm releases derive the ProviderConfig to use from the XR.
+        - fromFieldPath: spec.providerConfigRef.name
+          toFieldPath: spec.providerConfigRef.name
+        - fromFieldPath: spec.helm.version
+          toFieldPath: spec.forProvider.chart.version
+        - fromFieldPath: spec.passwordSecretRef.namespace
+          toFieldPath: spec.forProvider.set[0].valueFrom.secretKeyRef.namespace
+        - fromFieldPath: spec.passwordSecretRef.name
+          toFieldPath: spec.forProvider.set[0].valueFrom.secretKeyRef.name
+        - fromFieldPath: spec.passwordSecretRef.namespace
+          toFieldPath: spec.forProvider.set[1].valueFrom.secretKeyRef.namespace
+        - fromFieldPath: spec.passwordSecretRef.name
+          toFieldPath: spec.forProvider.set[1].valueFrom.secretKeyRef.name
+        - fromFieldPath: spec.passwordSecretRef.namespace
+          toFieldPath: spec.forProvider.set[2].valueFrom.secretKeyRef.namespace
+        - fromFieldPath: spec.passwordSecretRef.name
+          toFieldPath: spec.forProvider.set[2].valueFrom.secretKeyRef.name
diff --git a/package/app/definition.yaml b/package/app/definition.yaml
new file mode 100644
index 0000000..f9421fd
--- /dev/null
+++ b/package/app/definition.yaml
@@ -0,0 +1,65 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+  name: xapps.aws.platformref.upbound.io
+spec:
+  group: aws.platformref.upbound.io
+  names:
+    kind: XApp
+    plural: xapps
+  claimNames:
+    kind: App
+    plural: apps
+  versions:
+  - name: v1alpha1
+    served: true
+    referenceable: true
+    schema:
+      openAPIV3Schema:
+        type: object
+        properties:
+          spec:
+            type: object
+            properties:
+              helm:
+               type: object
+               description: Configuration for operators.
+               properties:
+                 chart:
+                   type: object
+                   description: Configuration for the Helm Chart
+                   properties:
+                     name:
+                       type: string
+                       description: chart name
+                     repo:
+                       type: string
+                       description: chart repo
+                     version:
+                       type: string
+                       description: chart version
+              passwordSecretRef:
+                type: object
+                description: "A reference to the Secret object containing database credentials"
+                properties:
+                  namespace:
+                    type: string
+                  name:
+                    type: string
+                required:
+                - namespace
+                - name
+              providerConfigRef:
+                type: object
+                description: "A reference to the ProviderConfig of the cluster that services should
+                be deployed to."
+                properties:
+                  name:
+                    type: string
+                    description: "Name of the Helm provider configuration.
+                      This will typically be the name of the cluster with a
+                      five character suffix appended."
+                required:
+                - name
+            required:
+            - providerConfigRef
diff --git a/package/database/sqlinstance/composition.yaml b/package/database/sqlinstance/composition.yaml
index b0edc77..2027f72 100644
--- a/package/database/sqlinstance/composition.yaml
+++ b/package/database/sqlinstance/composition.yaml
@@ -63,6 +63,8 @@ spec:
       connectionDetails:
         - fromFieldPath: "status.atProvider.endpoint"
           name: endpoint
+        - fromFieldPath: "status.atProvider.address"
+          name: host
         - fromFieldPath: "spec.forProvider.username"
           name: username
         - fromConnectionSecretKey: "attribute.password"
diff --git a/package/database/sqlinstance/definition.yaml b/package/database/sqlinstance/definition.yaml
index 5840095..88447b6 100644
--- a/package/database/sqlinstance/definition.yaml
+++ b/package/database/sqlinstance/definition.yaml
@@ -10,7 +10,7 @@ spec:
     - username
     - password
     - endpoint
-    - port
+    - host
   group: aws.platformref.upbound.io
   names:
     kind: XSQLInstance