InfoGrab Docs

Amazon RDS Proxy를 통한 PostgreSQL 데이터베이스 액세스

요약

Teleport can provide secure access to Amazon RDS proxy for PostgreSQL via the Teleport Database Service. In this guide, you will:

Teleport can provide secure access to Amazon RDS proxy for PostgreSQL via the Teleport Database Service. This allows for fine-grained access control through Teleport's RBAC.

In this guide, you will:

  1. Configure your Amazon RDS proxy for PostgreSQL database with IAM authentication.
  2. Add the database to your Teleport cluster.
  3. Connect to the database via Teleport.

How it works#

(!docs/pages/includes/database-access/how-it-works/iam.mdx db="RDS Proxy" cloud="AWS"!)

(!docs/pages/includes/database-access/auto-discovery-tip.mdx dbType="RDS Proxy" providerType="AWS"!)

Prerequisites#

(!docs/pages/includes/edition-prereqs-tabs.mdx!)

  • AWS account with RDS Proxy instances and permissions to create and attach IAM policies.
  • Any RDS Proxy instances intended for connection through Teleport must have TLS enabled.
  • A host, e.g., an EC2 instance, where you will run the Teleport Database Service.
  • (!docs/pages/includes/tctl.mdx!)

Step 1/6. Install Teleport#

(!docs/pages/includes/install-linux.mdx!)

Step 2/6. Create a Teleport Database Service configuration#

(!docs/pages/includes/tctl-token.mdx serviceName="Database" tokenType="db" tokenFile="/tmp/token"!)

(!docs/pages/includes/database-access/alternative-methods-join.mdx!)

Create the Database Service configuration. Replace

Step 6/6. Connect#

Once the Database Service has started and joined the cluster, log in to see the registered database:

$ tsh login --proxy= --user=alice
$ tsh db ls
Name                         Description                     Labels
---------------------------- ------------------------------- -------
rds-proxy                    RDS Proxy in us-west-1          ...

Retrieve credentials for the database and connect to it as the alice user:

$ tsh db connect --db-user=alice --db-name=dev rds-proxy

(!docs/pages/includes/database-access/db-access-webui-ad.mdx dbType="PostgreSQL and MySQL"!)

To log out of the database and remove credentials:

$ tsh db logout rds-proxy

Troubleshooting#

(!docs/pages/includes/database-access/aws-troubleshooting.mdx!)

(!docs/pages/includes/database-access/aws-troubleshooting-max-policy-size.mdx!)

Next steps#

(!docs/pages/includes/database-access/guides-next-steps.mdx!)

Amazon RDS Proxy를 통한 PostgreSQL 데이터베이스 액세스

원문 보기
요약

Teleport can provide secure access to Amazon RDS proxy for PostgreSQL via the Teleport Database Service. In this guide, you will:

Teleport can provide secure access to Amazon RDS proxy for PostgreSQL via the Teleport Database Service. This allows for fine-grained access control through Teleport's RBAC.

In this guide, you will:

  1. Configure your Amazon RDS proxy for PostgreSQL database with IAM authentication.
  2. Add the database to your Teleport cluster.
  3. Connect to the database via Teleport.

How it works#

(!docs/pages/includes/database-access/how-it-works/iam.mdx db="RDS Proxy" cloud="AWS"!)

(!docs/pages/includes/database-access/auto-discovery-tip.mdx dbType="RDS Proxy" providerType="AWS"!)

Prerequisites#

(!docs/pages/includes/edition-prereqs-tabs.mdx!)

  • AWS account with RDS Proxy instances and permissions to create and attach IAM policies.
  • Any RDS Proxy instances intended for connection through Teleport must have TLS enabled.
  • A host, e.g., an EC2 instance, where you will run the Teleport Database Service.
  • (!docs/pages/includes/tctl.mdx!)

Step 1/6. Install Teleport#

(!docs/pages/includes/install-linux.mdx!)

Step 2/6. Create a Teleport Database Service configuration#

(!docs/pages/includes/tctl-token.mdx serviceName="Database" tokenType="db" tokenFile="/tmp/token"!)

(!docs/pages/includes/database-access/alternative-methods-join.mdx!)

Create the Database Service configuration. Replace

Step 6/6. Connect#

Once the Database Service has started and joined the cluster, log in to see the registered database:

$ tsh login --proxy= --user=alice
$ tsh db ls
Name                         Description                     Labels
---------------------------- ------------------------------- -------
rds-proxy                    RDS Proxy in us-west-1          ...

Retrieve credentials for the database and connect to it as the alice user:

$ tsh db connect --db-user=alice --db-name=dev rds-proxy

(!docs/pages/includes/database-access/db-access-webui-ad.mdx dbType="PostgreSQL and MySQL"!)

To log out of the database and remove credentials:

$ tsh db logout rds-proxy

Troubleshooting#

(!docs/pages/includes/database-access/aws-troubleshooting.mdx!)

(!docs/pages/includes/database-access/aws-troubleshooting-max-policy-size.mdx!)

Next steps#

(!docs/pages/includes/database-access/guides-next-steps.mdx!)