Understanding AWS RDS and Aurora

Amazon Relational Database Service (RDS) is a managed relational database service that simplifies the process of deploying, operating, and scaling databases in AWS.

Supported engines include:

• MySQL
• MariaDB
• PostgreSQL
• Oracle
• Microsoft SQL Server

Amazon Aurora is a high-performance, fully managed, MySQL/PostgreSQL-compatible database engine that operates within the RDS ecosystem.

Part 1 : Preparing the Lab Environment

This setup is used to explore Scenario 1: Public RDS Snapshots.

Prerequisites

1. Verify AWS CLI Profile

   Ensure the AWS CLI profile named securitymaster exists.

   Command:

   aws sts get-caller-identity --profile securitymaster
   

   Explanation:

   • aws sts get-caller-identity returns your AWS account and IAM identity.
   • -profile securitymaster instructs the AWS CLI to use authentication credentials stored under that profile.

2. Install MySQL Client (if not already installed)

   sudo apt-get install mysql-client
   

   Explanation: Installs the MySQL CLI tool used to connect to restored RDS instances.

   Verify installation:

   mysql --version
   

Part 2 : Scenario 1 - Public RDS Snapshots

This scenario demonstrates how publicly shared RDS snapshots can expose sensitive data.

Objective

1. Locate a publicly shared RDS snapshot in us-east-1.
2. Check if the snapshot is encrypted.
3. Restore a database instance from the snapshot.