I'm a developer more than a devops or sysadmin person and I'm trying to work out what we have to do about SSL certificates and our AWS databases. It is well-known that the certificates issued in 2015 for AWS databases will expire on 5 March 2020 and it is necessary to install the certificates issued in 2019.
However, it seems to me that we don't need certificates to connect to our AWS database. What I mean by that is that to connect to one of our Azure databases, the following *nix command is required:
mysql -h ourstuff.database.azure.com -u ouruser -p --ssl-ca=certificatefile.crt.pem --ssl-mode=VERIFY_CA
but to connect to our AWS database, we don't need that SSL stuff:
mysql -h ourstuff.blahblahblah.rds.amazonaws.com --database=ourdatabase -u ouruser -p
Similarly, we have PHP applications that supply the certificate to connect to the Azure database (via mysqli_ssl_set()) but not for AWS.
So I have these questions:
- Since there is no option in the AWS dashboard for removing the certificate from the database, how is it that I can connect to the database without supplying any credentials (other than a password)? Is it because I am on my company's network, and the network is whitelisted?
- What should I do to force clients to supply credentials? Empty the IP whitelist table? If such a thing exists.
- If access is based on IP whitelisting, would it really increase the security of the database if we mandated access via SSL?
- If a certificate isn't required now, owing to the connecting username (as per Mlu's answer below), will that change when I install the 2019 certificates?
Thanks in expectation.
This can be configured per-user in MySQL.
See the ALTER USER documentation and look for REQUIRE SSL.
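An added example, not part of the answer above: one way to audit and then enforce the per-user requirement the answer points to. It assumes MySQL 5.7 or later, an account allowed to read `mysql.user`, that `performance_schema` is enabled, and that the account is defined as `'ouruser'@'%'` (the host part is a guess; use whatever the audit query returns).

```sql
-- 1. Audit: which accounts may connect without TLS?
--    ssl_type is '' (no requirement), 'ANY' (REQUIRE SSL),
--    'X509' (REQUIRE X509) or 'SPECIFIED' (issuer/subject/cipher).
SELECT user, host, ssl_type
FROM mysql.user
ORDER BY user, host;

-- 2. Is the session you are in right now encrypted?
--    An empty Value means the connection is plaintext.
SHOW SESSION STATUS LIKE 'Ssl_cipher';

-- 3. Which currently connected clients are using plaintext?
--    Run this before enforcing, to see what would break.
--    (Assumes performance_schema is enabled.)
SELECT t.processlist_user AS user,
       t.processlist_host AS host,
       s.variable_value   AS cipher
FROM performance_schema.status_by_thread AS s
JOIN performance_schema.threads AS t
  ON t.thread_id = s.thread_id
WHERE s.variable_name = 'Ssl_cipher'
  AND s.variable_value = '';

-- 4. Enforce: the server now refuses unencrypted sessions
--    for this account. 'ouruser'@'%' is an assumed account name.
ALTER USER 'ouruser'@'%' REQUIRE SSL;

-- 5. Confirm the requirement is recorded on the account.
SHOW CREATE USER 'ouruser'@'%';

-- Note: REQUIRE SSL only makes the server insist on encryption.
-- Whether the client checks the server's certificate is decided
-- on the client side, e.g. --ssl-ca=... --ssl-mode=VERIFY_CA as
-- in the Azure command in the question.

-- Rollback, if a client that cannot do TLS is locked out:
-- ALTER USER 'ouruser'@'%' REQUIRE NONE;
```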