Connector Improvement: PostgreSQL - Aurora AWS Connector Prerequisite Improvement
Answered
According to our backend admin team for AWS, Two of the three requirements for setting up a connection from an Aurora PostgreSQL database go against the best practices provided by the AWS service. The two prereqs they do not want to meet are:
-
Your database host's IP (e.g., 1.2.3.4) or domain (your.server.com)
- TLS enabled on your database. Follow Amazon's TLS setup instructions to enable TLS on your database.
Their explanation:
All of our databases sit on the private subnet within our DMZ. This is done in accordance with AWS best practice along with meeting cyber security requirements. Since our database is hosted within a DMZ we would not enable TLS.
It would be nice for Fivetran to make improvements to align with connector with AWS Cybersecurity best practices. This is a big roadblock for new data ingestion that we need.
-
Official comment
Hi Max,
Thanks for pointing this out. These two points should not be prerequisites in your setup, as long as you use PrivateLink (or other non-direct connection method) for connectivity between Fivetran and your database. We will update the documentation appropriately.
Thanks,
Val Kulichenko, Fivetran Product Team
Please sign in to leave a comment.
Comments
1 comment