AWS Training and Certification Module 3 AWS Database Options 2018 Amazon Web

Aws training and certification module 3 aws database

This preview shows page 136 - 140 out of 275 pages.

AWS Training and Certification Module 3: AWS Database Options © 2018 Amazon Web Services, Inc. or its affiliates All rights reserved. 136
Image of page 136
You can manage access to your Amazon Relational Database Service (Amazon RDS) resources and your databases on a DB instance. The method you use to manage access depends on what type of task the user needs to perform with Amazon RDS. Run your DB instance in an Amazon virtual private cloud (VPC) for the greatest possible network access control. Use AWS Identity and Access Management (IAM) policies to assign permissions that determine who is allowed to manage RDS resources. For example, you can use AWS IAM to determine who is allowed to create, describe, modify, and delete DB instances, tag resources, or modify DB security groups. Use security groups to control which IP addresses or EC2 instances can connect to your databases on a DB instance. When you first create a DB instance, its firewall prevents any database access except through rules specified by an associated security group. Use Secure Socket Layer (SSL) connections with DB instances running the MySQL, MariaDB, PostgreSQL, or Microsoft SQL Server database engines. Use Amazon RDS encryption to secure your RDS DB instances and snapshots at rest. Amazon RDS encryption uses the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts your RDS DB instance. Use network encryption and transparent data encryption with Oracle DB instances. Use the security features of your DB engine to control who can log in to the databases on a DB instance, just as you would if the database was on your local network. AWS Training and Certification Module 3: AWS Database Options © 2018 Amazon Web Services, Inc. or its affiliates All rights reserved. 137
Image of page 137
For more information, see: Using Amazon RDS with Amazon Virtual Private Cloud (VPC) - http:// docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html Setting up an IAM user - http:// docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SettingUp.html# CHAP_SettingUp.IAM Using SSL with a DB instance - http:// docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html Encrypting Amazon RDS Resources - http:// docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.ht ml Oracle NNE - http:// docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Option s.html#Appendix.Oracle.Options.NetworkEncryption Oracle TDE - http:// docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Option s.html#Appendix.Oracle.Options.AdvSecurity AWS Training and Certification Module 3: AWS Database Options © 2018 Amazon Web Services, Inc. or its affiliates All rights reserved. 138
Image of page 138
The slide shows a simple application stack with an application running in an Amazon EC2 instance supported by a master database running in an Amazon RDS database instance. Presenting the application behind an elastic load balancer allows for compute resiliency and scaling features such as Auto Scaling and ELB groups to be adopted in the future.
Image of page 139
Image of page 140

You've reached the end of your free preview.

Want to read all 275 pages?

  • Summer '18
  • Pedi
  • Amazon Web Services, AWS, Amazon Elastic Compute Cloud

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes