Automating Database Tasks Across Heterogeneous Database Environments

Multiple types of Databases.

OBJECTIVE:

If your organization utilizes multiple types of databases such as MSSQL, MySQL, Postgres, and more, managing the security, user creation, user tracking, monitoring user activity, and handling user modifications or deletions can become a complex and challenging task. In this blog, we will delve into an effective approach to address these scenarios using automation, streamlining the management of diverse databases and ensuring efficient and secure operations.

OVERVIEW:

To streamline the above things in a diverse database environment, the following high-level steps need to be implemented.

1. Always create any DB in a private subnet and use the bastion host to connect to the DB.
2. Disallow any user or application to connect to DB directly via VPN or locally.
3. Connection to DB should go through Bastion host only and use VPN to connect to Bastion host.
4. Use one single bastion host to connect to multiple types of DBs(RDS, self-hosted and etc.)
5. Have connectivity to all the DBs from the bastion host.
6. Use EC2 user credentials to perform SSH-Tunneling from any DB tool like DBeaver.
7. In the Bastion host, have…