Uploaded image for project: 'Hybrid Cloud Console'
  1. Hybrid Cloud Console
  2. RHCLOUD-36456

Enforce the use of SSL between Inventory API and RDS

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • Unset
    • None

      Based on recent issues with SpiceDB, its possible that connections to RDS may not use SSL when there are too many connections. We need to update our configuration to ensure SSL is forced which will also require the CA Cert be verified based on AWS Docs

      https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Concepts.General.SSL.html#PostgreSQL.Concepts.General.SSL.Connecting

      Done Criteria

      • Ensure that when RDS is used:
        • postgres storage flag for sslmode is set to verify-full
        • the RDS CA cert is available to the pod and the path is set for the postgres storage CA cert flag
      • Ensure these settings work whether persistence is on or not

              anatale.openshift Antony Natale
              anatale.openshift Antony Natale
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: