Reputation: 1436
AWS RDS MySQL database username and password sufficient for commercial security
I'm new to cloud computing so this might be an obvious question. I have a desktop Java application that will connect to an AWS RDS MySQL database using JDBC. Is using the endpoint, username and password for the database the preferred commercial way of connecting to the database?
To encrypt communication I plan to use SSL.
Upvotes: 2
Views: 1087
Answers (1)
Reputation: 521178
You could open your database instance to the outside, using regular credentials. But, a safer way to proceed might be to create an endpoint in AWS, possibly running in Java, which would expose one or more APIs which in turn would hit the MySQL database running in RDS. That is, you would not expose the RDS instance to the outside world directly, but only internally to this API, also running in AWS. Then, your desktop Java application would talk to this intermediary application when it needs to access the database.
The advantage of this suggestion is that it lessens the risk of your RDS instance being attacked via something like DOS. Of course, the API you create on top of the database could also be attacked. But, Java web application running in a container (and other similar applications in other languages) were designed to be exposed to the outside, much less so database instances.
Upvotes: 1
Related Questions
- Creating A New MySQL User In Amazon RDS Environment
- How to secure AWS RDS master username and password?
- AWS RDS (MySQL) Secure Connection
- Using IAM Role to allow access to MySQL database on RDS
- Amazon RDS MySQL: setting user names and passwords
- Set up a connection to AWS RDS from a MySQL client using AMI as authentication layer.
- MySQL, Remote connection and security
- MySQL and Amazon RDS DBA user
- Amazon RDS and client MySQL database securely
- Securing a web server with local MySQL database