In the last post I looked at how to bring up a PostgreSQL instance in the Amazon cloud. In this post I’ll look into how to restrict access to this instance to specific IP addresses to strengthen security. If you think about moving things to the cloud you for sure want to make the stuff accessible to restricted people or systems only.
On the left side there is a “Security Groups” menu which sounds like what we want:
When a PostgreSQL instance is created a default security group is created with allows the machine with my local IP address to access the instance. No other clients are accepted by default:
When there are discussions about putting things into the cloud security is always a topic and it seems that Amazon did a good job here. At least for these simple tests I could prevent access to my instance very easy and fast and I am able to adjust the security settings to my needs.
In the next post I’ll look at how I can configure my PostgreSQL instance. Only when I am able to adjust the configuration for the workloads I expect the offering is really usable. Stay tuned …