Amazon Relational Database Service (AWS RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. The RDS database server used by the Deep Security Manager is deployed across two (2) Availability Zones, providing high availability at the database layer.
AWS RDS is also available on several database instance types - optimized for memory, performance or I/O - and provides six (6) familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server.
Learn how to deploy AWS RDS and how Deep Security Manager establish connection to AWS RDS in Amazon Virtual Private Cloud (AWS PVC).
Below is a sample topology:
This procedure has been tested in the environment specified below:
- Deep Security Manager 11.0
- Deep Security Agent 11.0.0-326 for Windows x86_64
- AWS VPC: Public subnet and Private subnet
- Database: AWS RDS, MS SQL 2016 Standard Edition
- Browser: Internet Explorer (recommended)
Do the following:
- Open the Amazon console and select RDS.
- On the dashboard, click Create Database.
- Select Microsoft SQL server and tick SQL Server Standard Edition.
- Choose Dev/Test, since this procedure is for proof of concept (POC) only.
- Under DB engine version, select SQL Server 2016. For SQL Server 2017, it only supports version 11.2 and above.
- Under DB instance class, select db.m4.large for POC.
- Enter the basic database settings (instance identifier, username, and password) and click Next.
- Make sure to place the database in your own AWS VPC.
- Follow the default configuration settings.
- Click Create Database.
A notification stating "Your DB instance is being created." will appear.
After a few minutes, your database has been completed.
- Connect to SQL Server and create database "dsm" for Deep Security Manager.
- Install Deep Security Manager and set up database related task.
- Verify that you can log in to Deep Security Manager.
Deep Security Manager is now connected to AWS RDS.