How to rotate the EC2 pem file of RDS Postgres database without a downtime?

Question

We have RDS postgres database in both Prod and dev environments. We would like to rotate the pem file of underlying EC2 machine but we want to make sure this will not cause downtime to our database. We have a continuous traffic across the world and having a downtime is not possible for us.

Please advise.

Answer

From your question i thought your are running a Postgres Database on an EC2 instance. If you are using AWS RDS managed service and would like to rotate the database login credentials. You can utilize the Secrets Manger here is the blog for the solution .

https://aws.amazon.com/blogs/security/rotate-amazon-rds-database-credentials-automatically-with-aws-secrets-manager/

Answer

If you are running RDS then there is no underlying EC2 for you to manage. Therefore there is no PEM file to rotate.

Answer

Hi,

You can utilize AWS Lambda , AWS Systems Manager and AWS Secrets manger to automate the rotation of AWS SSH keys of an EC2 instance. here is an example blog for the solution https://aws.amazon.com/blogs/security/how-to-use-aws-secrets-manager-securely-store-rotate-ssh-key-pairs/

Thanks,
Abhishek

How to rotate the EC2 pem file of RDS Postgres database without a downtime?

相關內容