How to Connect to RDS MySQL using AWS Secrets Manager from EC2 and Lambda by AWS Avinash Reddy
ฝัง
- เผยแพร่เมื่อ 16 ก.ย. 2024
- In this Video, I've explained the process of managing and retrieving secrets using AWS Secrets Manager. Learn step-by-step how to securely fetch secrets from Secrets Manager on both an EC2 instance and a Lambda function. I'll guide you through the setup and demonstrate how to establish a secure connection to a MySQL database, ensuring your sensitive information is handled with the utmost care.
GitHub Link for Commands and Lambda function : github.com/avi...
🔒 Key Takeaways:
Setting up AWS Secrets Manager for secure secret storage.
Retrieving secrets programmatically from an EC2 instance.
Integrating AWS Lambda to seamlessly access secrets.
Establishing a secure connection to a MySQL database.
Don't miss out on enhancing your security practices and streamlining your application's access to sensitive data!
Thanks for the tutorial! In this case, the EC2 has a role attached to access to the Secrets Manager? How can I protect the Secrets Manager to only accept connections from a particular machine? Thank you :)
Encrypt the secreta using a kms cmk and provide access to only specific role to decrypt the Secret.
Is the process same for the PostgreSQL? Actually I was unable to deploy my application (django todo app).Bcoz, my credentials are in .env file (environment variable) and its not included in the image which is uploaded in ECR. (problem where to keep my .env in AWS && how to connect .env AND db while deployment). Your guidance will be remembered forever.
Hi, yes, process almost similar for any RDS DB engine.
You have 3 options to configure
1. Use Parameter store to store sensitive info and access it from ec2/ecs.
2. Store it in secrets manager and access it from your application.
3. if you are using batch to process your ecr image, you can configure your info as Environment variables.
@@avizway Thanks so much for this precious info!! I would like to go with Parameter Store,, but for that I need guidance or tutorial. As a beginner AWS seems to be divided in various services. (Many things to be touched in sequence) Otherwise, I've to opt for paid AWS support.