Amazon RDS

AWS service of an open-source relational database management system emphasizing extensibility and SQL compliance.

Integrate with Apono to view existing permissions and create Access Flows to PostgreSQL databases.

Overview

  • Reduce Over Privileges - Discover existing privileges to RDS instances & clusters and convert them to on-demand access flows to reduce over-privileges.
  • Self Service Access - Empower your developers to gain self-servable access to instances & clusters using Slack.
  • Automated Approval Workflows - Create approval workflows to specific sensitive databases.
  • Restricted Third Party Access - Grant third-party (customer or vendor) time-based access to specific databases with MFA verification.
  • Review Access - View a detailed access audit of who was granted access to which instances & clusters with what permission level and why.

Prerequisites

Discover resources using tags

For any RDS resource you wish to discover please add apono-secret AWS tag.
By adding the apono-secret AWS tag, you can let Apono discover and add secrets support for you.

Tag name: apono-secret, Value: The Secret ARN
Important: use the same AWS Secret you created for your rds

for more granularity approach you can check: PostgreSQL , MySQL

How To Integrate Amazon RDS

📘

Have you connected an AWS account?

Make sure you have first integrated your AWS account to Apono. If not, follow this AWS Integration step-by-step guide.

  1. Click on Integrations Catalog.
  2. Under Amazon Web Services, look for Amazon RDS and click Connect

  1. Specify the integrations details:
  • Integration name – type the name of the integration
    When building an Access Flow you will reference this name
  • Select the Connector – specify the AWS account Connector name with access to this RDS

Identify the resources

  • Region – Choose the region where the RDS instances & clusters resides
  • Click Connect

👍

Hurray!

Congratulations on connecting your RDS. You can now create Access Flows that grant permissions to your RDS instances & clusters.