cancel
Showing results for 
Search instead for 
Did you mean: 

AWS Aurora secure connection to SAC

richardson_scherer
Discoverer
0 Kudos

Hello;

We are trying to build an application within SAC, using a direct connection to AWS's Aurora database.

One of the requirements is that this connection is secure, but this is where we are unable to properly configure the application.

For simple access, we added a JDBC driver for PostgreSQL, and within SAC we configured a connection type 'SQL Database', within our Location, with type 'PostgreSQL'. In the next step, we correctly configured the host (our endpoint within AWS Aurora), port and credentials (username and password). And this gave us a connection, making it possible to use it as a data source.

However, we haven't found a way to set this connection to be authenticated with an SSL certificate, for example.

How can we establish this connection with these security requirements?

Is there any configuration to be carried out within the Cloud Connector?

Accepted Solutions (0)

Answers (1)

Answers (1)

mfoeken
Active Contributor
0 Kudos

Hi richardson.scherer,

When you are connecting via the PostgreSQL driver you are using the Cloud Agent to connect to the AWS Aurora endpoint. Which part of the communication is not secured with an SSL certificate? Because the AWS Aurora endpoint must have SSL configured and the Cloud Connector has an SSL tunnel as well? Do you want to add SSL between Cloud Connector and Cloud Agent?

Kind regards,
Martijn van Foeken | Interdobs

richardson_scherer
Discoverer
0 Kudos

Hi foekenm ,

Exactly, today we are using Cloud Agent to connect to our Aurora endpoint.

However, because of other internal products, we have the SSL option available, but it does depend on the client to use it, so we need a way to activate it through the Cloud Agent.

We do not necessarily need to add SSL between the Cloud Connector and the Agent, I suggested this in my question as it was an alternative we were trying. If there is a way to configure SSL for this connection directly in the Cloud Agent, that would fit our needs.

Thank you for your interest.

Kind regards