Create an encrypted MySQL database on RDS, place it within a VPC and allow traffic
Services Covered
RDS
VPC
KMS
Lab description
Your company is planning to deploy a new web application into an AWS environment. They have tasked you with providing a MySQL 8.0 Amazon RDS database instance.
Learning Objectives
- Create an AWS KMS Customer Master Key
- Create a MySQL 8.0 Amazon RDS Instance
- Create an Amazon VPC Security Group that Allows MySQL traffic
- Take a Snapshot of the Amazon RDS Instance
Lab date
30-11-2021
Prerequisites
- AWS account
Lab steps
- Create an AWS KMS Customer Master Key. In the KMS dashboard, create a symmetric KMS customer master key. Assign yourself as the key administrator.
- Create an Amazon VPC Security Group that Allows MySQL traffic. In the VPC Dashboard, go to Security Groups and create a security group (SG) that satisfies the following conditions:
- Uses the TCP protocol
- Allows inbound traffic on port 3306
- Allows traffic from any IP address
- Create a MySQL 8.0 Amazon RDS Instance. Create a MySQL 8.0 Amazon RDS instance that satisfies the following conditions:
- Use Dev/Test as the template
- Encryption is enabled and uses your KMS customer master key
- Uses your security group with port 3306 open publicly
- Uses the db.t3.micro database class
- Uses no more than 20 GB of storage
Note: Leave all other options at their defaults.
- Take a Snapshot of the Amazon RDS Instance.
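The conditions in the steps above can be checked from saved output of `aws ec2 describe-security-groups` and `aws rds describe-db-instances`. The following is an added example, not part of the original lab: the sample records, IDs and key ARN are constructed placeholders, and the function names are hypothetical. Because the lab opens port 3306 to any address, the check reports that rule as an exposure note rather than a failure, which makes the same script usable for finding such rules once the lab is over.

```python
import ipaddress

# Constructed sample records shaped like AWS CLI describe-* output.
# IDs and the key ARN are placeholders, not values from the lab.
SAMPLE_SG = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
LAB_KEY = "arn:aws:kms:REGION:ACCOUNT:key/EXAMPLE"
SAMPLE_DB = {"Engine": "mysql", "EngineVersion": "8.0.27",
             "DBInstanceClass": "db.t3.micro", "AllocatedStorage": 20,
             "StorageEncrypted": True, "KmsKeyId": LAB_KEY,
             "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-EXAMPLE"}]}


def open_mysql_sources(sg, port=3306):
    """Return every CIDR the group allows to reach `port` over TCP."""
    cidrs = []
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        # "-1" means all protocols and ports; such rules carry no port range.
        covers = proto == "-1" or (proto == "tcp" and
            perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))
        if covers:
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return cidrs


def check_lab(sg, db, key_arn):
    """Return findings: FAIL for unmet lab conditions, EXPOSED for open rules."""
    findings = []
    sources = open_mysql_sources(sg)
    if not sources:
        findings.append("FAIL: no inbound TCP 3306 rule")
    for cidr in sources:
        if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            findings.append(f"EXPOSED: 3306 reachable from {cidr}")
    if db.get("Engine") != "mysql" or not db.get("EngineVersion", "").startswith("8.0"):
        findings.append("FAIL: engine is not MySQL 8.0")
    if not db.get("StorageEncrypted") or db.get("KmsKeyId") != key_arn:
        findings.append("FAIL: storage not encrypted with the lab KMS key")
    if db.get("DBInstanceClass") != "db.t3.micro":
        findings.append("FAIL: instance class is not db.t3.micro")
    if db.get("AllocatedStorage", 0) > 20:
        findings.append("FAIL: more than 20 GB allocated")
    attached = {g["VpcSecurityGroupId"] for g in db.get("VpcSecurityGroups", [])}
    if sg["GroupId"] not in attached:
        findings.append("FAIL: lab security group not attached to the instance")
    return findings
```

To run it against a real deployment, load the two JSON documents with `json.load` and pass one entry of `SecurityGroups` and one entry of `DBInstances` to `check_lab`.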