Amazon RDS (PostgreSQL) security configuration

I have skuid platform successfully talking to an Amazon RDS (PostgreSQL) database. I want to configure SSL and lockdown the firewall by IP. Is anyone familiar with this process willing to point me in the right direction?

1 Like

Hey @duane!

I have found some documentation on how to lock down your firewall by IP:
https://docs.skuid.com/latest/v2/en/data/sql/#allowlist-ips

You can find this information when clicking on the Data Source Tab on your navigation bar.

Note: Make sure that you allow all the IP addresses shown.

Below is information on how to configure SSL:
https://docs.skuid.com/latest/v2/en/data/sql/#database-ssl-configuration

This can be found when you click on the SSL tab in the same Data Source window.

I hope that helps, and let me know if you have any additional questions!

Thank you @Germany. I have read these resources. I’m afraid I am stuck on implementation specific to Amazon RDS for PostgreSQL. I was hoping someone in the community had done this before on that platform. It doesn’t look like it should be rocket science, but so far, the answer is escaping me.

Ahh, I see. Unfortunately, I have not done that type of implementation before. I did find a doc that could help walk you through the process(I’m sure you have already seen) :

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Concepts.General.SSL.html

I will keep digging and will let you know if I find something!

Thanks,

I did get this working over the weekend. Once I figured it out, it only takes 15-20 minutes to setup.

I have tested and proved that the skuid connection is talking over SSL (the database now requires SSL).

I find it concerning that the skuid data source will not stay in Verify mode; it reverts to back Prefer mode. This might have something to do with using a Server CA and not a Client Key of Certificate.

That’s odd. Working with the team now to see what is going on.

I will ping you once I hear back.

Cheers,