[72/100] #100DaysOfCloud Today, I started the Week 4 of the FREE AWS Cloud Project Bootcamp by Andrew Brown.
I was lazy today and didn't do anything much other than watch Ashish's Week 4 - Security Considerations video - Securing Your Amazon RDS Postgres Database. He talks about the different Databases in cloud and the types of database engine in Amazon RDS.
Then he talks about the Business use case of it and shows a demo on creating a RDS Postgres Database and connect to it securely.
A few of the security best practices are:
- Use VPC to create a private network for RDS instance. It helps to prevent unauthorized access to our instance from public internet.
- RDS instances should only be in AWS regions that you are legally allowed to be holding user data in.
- Enable CloudTrail to monitor alerts on malicious RDS behavior.
- Security groups should be restricted only t known IPs.
- Don't let the RDS be internet accessible.
- Use Secrets Manager to automatically rotate secrets for RDS.
- Use appropriate IAM authentications.
You can watch the Bootcamp through this YouTube playlist : FREE AWS Cloud Project Bootcamp playlist