Configure your AWS RDS PostgreSQL configuration

This topic describes how you can configure your AWS RDS PostgreSQL configuration for Supply Chain Security Tools (SCST) - Store.

Prerequisite

You must have an AWS account.

Set up a certificate and configuration

To set up a certificate and configuration:

  1. Create an Amazon RDS Postgres using the Amazon RDS Getting Started Guide

  2. After the database instance starts, retrieve the following information:

    • Database Instance Endpoint
    • Master Username
    • Master Password
    • Database Name
    Note

    If the database name is - in the AWS RDS UI, the value is likely to be postgres.

  3. Create a security group to allow inbound connections from the cluster to the Postgres DB

  4. Retrieve the corresponding CA Certificate that signed the Postgres TLS Certificate using the following link

  5. In the metadata-store-values.yaml fill the following settings:

    db_host: "<DB Instance Endpoint>"
db_user: "<Master Username>"
db_password: "<Master Password>"
db_name: "<Database Name>"
db_port: "5432"
db_sslmode: "verify-full"
db_max_open_conns: 10
db_max_idle_conns: 100
db_conn_max_lifetime: 60
db_ca_certificate: |
   <Corresponding CA Certification>
   ...
   ...
   ...
deploy_internal_db: "false"
Note

If deploy_internal_db is set to false, an instance of Postgres will not be deployed in the cluster.

check-circle-line exclamation-circle-line close-line
Scroll to top icon