Create an encrypted MySQL database on RDS, place it within VPC and allow traffic

Services Covered

  • RDS RDS
  • VPC VPC
  •  KMS

Lab description

Your company is planning to deploy a new web application into an AWS environment. They have tasked you with providing a MySQL 8.0 Amazon RDS database instance.


Learning Objectives

  • Create an AWS KMS Customer Master Key
  • Create a MySQL 8.0 Amazon RDS Instance
  • Create an Amazon VPC Security Group that Allows MySQL traffic
  • Take a Snapshot of the Amazon RDS Instance

Lab date

30-11-2021


Prerequisites

  • AWS account

Lab steps

  1. Create an AWS KMS Customer Master Key. In the KMS dashboard create a symmetric KMS customer master key. Assign yourself as Key administrator.
  2. Create an Amazon VPC Security Group that Allows MySQL traffic. In the VPC Dashboard go to Security Groups and create a SG that satisfies the following conditions:

    Uses the TCP protocol
    Allows inbound traffic on port 3306
    Allows traffic from any IP address

  3. Create a MySQL 8.0 Amazon RDS Instance. Create a MySQL 8.0 Amazon RDS instance that satisfies the following conditions:
    • Use Dev/Test as the template
    • Encryption is enabled and uses your KMS customer master key
    • Uses your security group with port 3306 open publicly
    • Uses the db.t3.micro database class
    • Uses no more than 20 GB of storage

    Note: Leave all other options at their defaults.

  4. Take a Snapshot of the Amazon RDS Instance.

Lab files


Acknowledgements

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *