Hi, you can use postgres_fdw extension to setup encrypted in transit connection to foreign PG based database on premise. In order to enforce ssl please use sslmode in the connection string. You can find an example here:
FDW uses CREATE SERVER to create foreign (remote) server mapping as the PostgreSQL-based server from which we pull the data. A foreign server typically encapsulates connection information that an FDW uses to access an external data resource. It uses the same connection options as libpq. SSLMODE ‘require’ makes sure that the data is encrypted in transit. See the following code:
pgfdwsource=> create server my_fdw_target Foreign Data Wrapper postgres_fdw OPTIONS (DBNAME 'pgfdwtarget', HOST 'pgfdwtarget.xxxx.us-west-2.rds.amazonaws.com', SSLMODE 'require');
Following blog will also be helpful for more information on postgres_fdw: https://aws.amazon.com/blogs/database/federated-query-support-for-amazon-aurora-postgresql-and-amazon-rds-for-postgresql/
Unfortunately, as of now you cannot upload a custom certification to your RDS or Aurora environment.
Relevant questions
RDS Postgres SSL/TLS certificate rotation via CloudFormation
asked 3 years agoTrying to copy a postgres instance from a local postgres server to an RDS instance via DMS
asked 2 months agoHow to restrict database users for RDS Postgres using AWS Managed AD trusted with customer on-prem AD
Accepted Answerasked 2 years ago60K updates to RDS Postgres - performance challenge
Accepted Answerasked 2 years agoRDS Postgres Logical replication access to essential table denied
Accepted Answerasked 4 years agoCan't Modify RDS Postgres "R6i" Stand-Alone instance to Multi-AZ, Fails
asked 16 days agoHow to investigate Aurora Postgres IAM authentication errors from rdsauthproxy
asked 10 months agoIssues connecting to Postgres RDS instance from within a VPC
asked 3 years agoHow can I connect Google Data Studio to an Private AWS RDS Postgres instance?
asked 4 months agoHow to create SSL dblink connection from RDS to postgres on premise?
asked 8 months ago