Home > Software engineering >  How to a encryption to a AWS RDS MySql database and how to access that encrypted database using SSL
How to a encryption to a AWS RDS MySql database and how to access that encrypted database using SSL

Time:07-20

I created a MySQL database instance on AWS RDS. screenshot

It is showing encrypted as true. I can access this database using PyMysql in Python but that doesn't requires any certificate . I want to add SSL certication requirements while accessing database. How to do that ?

CodePudding user response:

You have to use encryption in transit for your database. The process is explained in aws docs.

CodePudding user response:

There are 2 types of Encryption: at-rest and in-transit ( more: understanding security when using cloud storage ).

Because your screenshot shows encrypted as true, it means that the encryption at-rest requirement has been enforced.

For that reason it remains the second constraint to be enforced: in-transit, as Marci says too. In order to encrypt the traffic, as you correctly expect, you need to provide a Key. Because those keys have to be managed (kept in a vault, secure), you have few options to use, as you probably already did, the KMS to manage those keys (or [Using SSL/TLS to encrypt a connection to a DB instance])5, or for you to provide those keys.

After you make these decisions, that involves who you trust to manage the secrets for your keys, you can follow any of the path.

If your question would be more specific, we could guide you with the exact path.

  • Related