RDS PostgreSQL
Apono integration for AWS-managed PostgreSQL for the secure management of access to the relational database system
Overview
PostgreSQL databases are open-source relational database management systems emphasizing extensibility and SQL compliance. Amazon enables developers to create cloud-hosted PostgreSQL databases.
Through this integration, Apono helps you securely manage access to your Amazon RDS for PostgreSQL instances.
Prerequisites
Before starting this integration, create the items listed in the following table.
Item | Description |
---|---|
Apono Connector | On-prem connection with network access to your Amazon RDS for PostgreSQL instances
Minimum Required Version: 1.3.0 Use the following steps to update an existing connector. |
Secret | Value generated through AWS Secrets Manager using credentials for an admin-level user of the Amazon RDS instance:
Apono does not store credentials. The Apono Connector uses the secret to communicate with services in your environment and separate the Apono web app from the environment for maximal security. |
User | PostgreSQL user for Apono
The user must have one of the following permissions:
|
PostgreSQL Info | Information for the database instance to be integrated:
|
AWS Tag | (Optional) Metadata label assigned to AWS resources
Adding an AWS tag, enables Apono to discover and add resources on your behalf. When adding an AWS tag, use the following information:
|
Integrate Amazon RDS for PostgreSQL
Use the following steps to complete the integration:
- On the Catalog tab, click PostgreSQL. The Connect PostgreSQL page appears.
- From the dropdown menu, select a connector.
If the desired connector is not listed, click + Add new connector and follow the instructions for creating an AWS connector.
- Click Next. The Complete setup page appears.
- Enter a unique, alphanumeric, user-friendly Integration Name. This name is used to identify this integration when constructing an Access Flow.
- Enter the Hostname of the PostgreSQL instance to connect.
- (Optional) Enter the Port value for the database. By default, Apono sets this value to 5432.
- Enter the Database Name.
- From the SSL Mode dropdown menu, select the mode of Secure Sockets Layer (SSL) encryption used to secure the connection with the SQL database server:
- require: (Recommended) An SSL-encrypted connection must be used.
- allow: An SSL-encrypted or unencrypted connection is used. If an SSL encrypted connection is unavailable, the unencrypted connection is used.
- disable: An unencrypted connection is used.
- prefer: An SSL encrypted connection is attempted. If the encrypted connection is unavailable, the unencrypted connection is used.
- verify-ca: An SSL-encrypted connection must be used and a server certification verification against the provided CA certificates must pass.
- verify-full: An SSL-encrypted connection must be used and a server certification verification against the provided CA certificates must pass. Additionally, the server hostname is checked against the certificate's names.
- Under Secret Store, associate the secret.
- Click Connect.
Now that you have completed this integration, you can create access flows that grant permission to your RDS for PostgreSQL database.
Updated about 1 month ago