RDS Security & Encryption Flashcards
What encryption options does Amazon RDS offer?
Amazon RDS supports encryption at rest using AWS Key Management Service (KMS) and also allows encryption of data in transit using SSL/TLS.
How does Amazon RDS handle network security?
Security Groups: Controls inbound and outbound traffic to RDS instances.
VPC: Instances can be launched within a Virtual Private Cloud to isolate them from other networks.
What access management features does Amazon RDS provide?
IAM Policies: Manages database access using AWS Identity and Access Management (IAM) policies.
Database Authentication: Supports IAM authentication for MySQL and PostgreSQL; allows integration with AWS Directory Service for Microsoft SQL Server.
What monitoring and compliance tools are available with Amazon RDS?
Amazon RDS Event Notifications: Alerts via SNS for RDS events.
AWS CloudTrail: Logs and monitors API calls to RDS, including calls made via the AWS Management Console, AWS SDKs, and command line tools.
AWS Config: Tracks configurations and changes to aid in compliance needs.