This topic describes how you can edit your AWS RDS PostgreSQL configuration for Supply Chain Security Tools (SCST) - Store.
You must have an AWS account.
To set up a certificate and configuration:
Create an Amazon RDS PostgreSQL DB instance by using the Amazon RDS documentation
After the database instance starts, retrieve the following information:
NoteIf the database name is
-
in the AWS RDS UI, the value is likely to bepostgres
.
Create a security group to allow inbound connections from the cluster to the PostgreSQL DB.
Retrieve the corresponding CA Certificate that signed the PostgreSQL TLS Certificate by using the Amazon RDS documentation
In metadata-store-values.yaml
replace the following placeholders with your values:
db_host: "<DB Instance Endpoint>"
db_user: "<Master Username>"
db_password: "<Master Password>"
db_name: "<Database Name>"
db_port: "5432"
db_sslmode: "verify-full"
db_max_open_conns: 10
db_max_idle_conns: 100
db_conn_max_lifetime: 60
db_ca_certificate: |
<Corresponding CA Certification>
...
...
...
deploy_internal_db: "false"
NoteIf
deploy_internal_db
is set tofalse,
an instance of PostgreSQL is not deployed in the cluster.