When you configure your application on AWS EC2 to access the RDS PostgreSQL database, you may not want to authenticate using the password file. If that's the case, you can authenticate to your DB instance using AWS Identity and Access Management (IAM) database authentication.

IAM database authentication works with MySQL and PostgreSQL. In this article, we'll only be discussing PostgreSQL. To use IAM database authentication, your PostgreSQL version needs to be 10.6 or higher, 9.6.11 or higher, and 9.5.15 or higher.

With this authentication method, you don't need to use a password when you connect to a DB instance. Instead, you use an authentication token.

An authentication token is a unique string of characters that Amazon RDS generates on request. Authentication tokens are generated using AWS Signature Version 4.

I'll take you through the whole procedure of configuring and testing IAM database authentication.

Before starting the configuration, let's check out the benefits of using IAM database authentication:

- Network traffic to and from the database is encrypted using Secure Sockets Layer (SSL).
- You can use IAM to centrally manage access to your database resources, instead of managing access individually on each DB instance.
- For applications running on Amazon EC2, you can use profile credentials specific to your EC2 instance to access your database instead of a password, for greater security.

Assume you have an EC2 instance up and running and have access to the RDS PostgreSQL instance via traditional database

```
~]$ psql -h. -U postgres
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
```

I'll be using 3 hosts in the demonstration:

- 192-168-1-114: This is my management host (laptop), which has been configured with the access keys of my AWS management user.
- ip-172-31-44-91: This is the EC2 host that needs to connect to RDS PostgreSQL with IAM DB authentication. It hasn't been configured with the access keys yet.
- .: This is the endpoint of RDS PostgreSQL. It is not publicly accessible. It can only be accessed from the EC2 host.

Enabling IAM Database Authentication on RDS instance

You can do it via the AWS console or the AWS CLI.