By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post

Granular per-instance access in an Aurora DB cluster

0

We have an Aurora DB cluster with one writer instance and a couple of read replicas. According to AWS documentation it's only possible to change security groups for the cluster at whole. Indeed, when we tried to change the group for one of our read replicas that should have less strict access rules, it affected all instances in the cluster. Does anyone know if there's a way (possibly not so direct one) to assign an additional security group to a certain replica in the cluster? Help is much appreciated, thanks!

Topics
DatabaseNetworking & Content Delivery
Tags
Amazon AuroraSecurity Group
Language
English
AWS-User-1305630
asked 2 years ago292 views
1 Answer
0

Hi there, from the case notes I understand you want to assign an additional security group to one of the read replica in the cluster. An Amazon Aurora DB cluster consists of one or more DB instances and a cluster volume that manages the data for those DB instances. I did it on my end and it is possible to add additional security groups within the same VPC ,but it is not possible to assign security groups and not affect all your instances.A VPC can have multiple security groups and help in restricting certain IP ranges. I have provided you with additional documentation under the reference section. I hope this was helpful! Reference [1]https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Security.html

Karabo
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content