Database
RDS
Amazon Relational Database Service(RDS)를 사용하면 클라우드에서 관계형 데이터베이스를 간편하게 설정, 운영 및 확장할 수 있습니다. RDS의 보안관련 기능들은 아래와 같습니다.
Bookmark
- Amazon RDS의 보안
- Amazon Aurora의 보안
- Support - 사용자가 자신의 IAM 자격 증명을 사용하여 Amazon RDS MySQL DB 인스턴스에 대해 인증할 수 있도록 하려면 어떻게 해야 하나요?
- 가이드 - Automatically remediate unencrypted Amazon RDS DB instances and clusters
- 가이드 - Enable transparent data encryption in Amazon RDS for SQL Server
- 가이드 - Encrypt an existing Amazon RDS for PostgreSQL DB instance
- 가이드 - Enforce automatic tagging of Amazon RDS databases at launch
- 가이드 - Monitor Amazon Aurora for instances without encryption
- Blog - IAM role-based authentication to Amazon Aurora from serverless applications
- Blog - Applying best practices for securing sensitive data in Amazon RDS
- Blog - Performing SQL database client-side encryption for multi-Region high availability
- Blog - Securing data in Amazon RDS using AWS KMS encryption
- Blog - Select the right encryption options for Amazon RDS and Amazon Aurora database engines
- Blog - How to use IAM multifactor authentication with Amazon RDS
- Blog - Working with RDS and Aurora PostgreSQL logs: Part 1
- Blog - Working with RDS and Aurora PostgreSQL logs: Part 2
- Blog - Using IAM authentication to connect with pgAdmin Amazon Aurora PostgreSQL or Amazon RDS for PostgreSQL
- Blog - Customizing security parameters on Amazon RDS for SQL Server
- Blog - Setting up passwordless login from Amazon EC2 Windows and Linux instances to Amazon RDS Oracle database instances
- Blog - SSL connection to an Amazon Aurora PostgreSQL database from a C++ application using Visual Studio
- Blog - Architecting for database encryption on AWS
- Blog - Preparing on-premises and AWS environments for external Kerberos authentication for Amazon RDS
- Blog - Using external Kerberos authentication with Amazon RDS for Oracle
- Blog - Using external Kerberos authentication with Amazon Aurora PostgreSQL
- Blog - Accessing an Amazon RDS instance remotely using AWS Client VPN
- Blog - Configuring and using Oracle Connection Manager on Amazon EC2 for Amazon RDS for Oracle
- Blog - SCRAM Authentication in RDS for PostgreSQL 13
- Blog - Managed disaster recovery with Amazon RDS for Oracle cross-Region automated backups – Part 1
- Blog - Managed disaster recovery with Amazon RDS for Oracle cross-Region automated backups – Part 2
- Blog - Validate Native Network Encryption on Amazon RDS for Oracle
- Blog - Architect a Managed Disaster Recovery on Amazon RDS for SQL Server: Part 1
- Blog - Architect a Managed Disaster Recovery on Amazon RDS for SQL Server: Part 2
- Blog - How to encrypt Amazon Aurora using AWS KMS and your own CMK
- Blog - Cross-Region, cross-account disaster recovery using Amazon Aurora Global Database
- Blog - Use Amazon RDS Proxy with read-only endpoints
- Blog - IAM authentication with Amazon RDS for MariaDB
- Blog - Auditing for highly regulated industries using Amazon Aurora PostgreSQL
- Blog - Security auditing in Amazon RDS for Oracle: Part 1
- Blog - Security auditing in Amazon RDS for Oracle: Part 2
- Blog - Securely connect to an Amazon RDS or Amazon EC2 database instance remotely with your preferred GUI
- Blog - TDE certificate rotation on Amazon RDS for SQL Server
- Blog - Multi-user secrets rotation for Amazon RDS
- Blog - Migrate TDE-enabled SQL Server databases to Amazon RDS for SQL Server
- Blog - How to use Amazon RDS and Amazon Aurora with a static IP address
- Blog - Access Amazon RDS across VPCs using AWS PrivateLink and Network Load Balancer
- Blog - Use Amazon RDS Proxy to provide access to RDS databases across AWS accounts
DynamoDB
Amazon DynamoDB는 어떤 규모에서도 10밀리초 미만의 성능을 제공하는 키-값 및 문서 데이터베이스입니다. DynamoDB의 보안관련 기능들은 아래와 같습니다.
Bookmark
- Amazon DynamoDB의 보안
- GIT - Client-side Encryption(Java) for Amazon DynamoDB
- 가이드 - Help enforce DynamoDB tagging
- Blog - Understanding Amazon DynamoDB encryption by using AWS Key Management Service and analysis of API calls with Amazon Athena
- Blog - Best practices for securing sensitive data in AWS data stores
- Blog - How to Configure a Private Network Environment for Amazon DynamoDB Using VPC Endpoints
- Blog - Client-side Encryption for Amazon DynamoDB
- Blog - Bring your own encryption keys to Amazon DynamoDB
- Blog - Securing Amazon RDS and Aurora PostgreSQL database access with IAM authentication
- Blog - Multi-tenant data isolation with PostgreSQL Row Level Security
- Blog - Amazon DynamoDB now supports audit logging and monitoring using AWS CloudTrail
- Blog - Using CloudTrail data events with Athena and CloudWatch to create an audit trail for DynamoDB tables events
- Blog - Introducing DML auditing for Amazon DocumentDB (with MongoDB compatibility)
ElastiCache
Amazon ElastiCache는 완전관리형 Redis 및 Memcached를 제공합니다. ElastiCache의 보안관련 기능들은 아래와 같습니다.
Bookmark
- Amazon ElastiCache Redis의 보안
- Amazon ElastiCache Memcached의 보안
- 가이드 - Monitor ElastiCache clusters for security groups
- 가이드 - Monitor Amazon ElastiCache clusters for at-rest encryption
- Blog - Open Sourcing Encryption in Transit for Redis
- Blog - Amazon ElastiCache for Redis Is Now a HIPAA Eligible Service and You Can Use It to Power Real-Time Healthcare Applications
- Blog - Manage AWS ElastiCache for Redis access with Role-Based Access Control, AWS Secrets Manager, and IAM
Neptune
Amazon Neptune은 빠르고 안정적인 완전관리형 그래프 데이터베이스 서비스로, 상호연결성이 높은 데이터 집합을 활용하는 애플리케이션을 손쉽게 구축 및 실행할 수 있습니다. Neptune의 보안관련 기능들은 아래와 같습니다.
Bookmark
- Amazon Neptune의 보안
- Blog - How LifeOmic’s JupiterOne simplifies security and compliance operations with Amazon Neptune
- Blog - Visualize your AWS Infrastructure with Amazon Neptune and AWS Config
- Blog - Fine Grained Access Control for Amazon Neptune data plane actions
Amazon Redshift
Amazon Redshift는 속도가 빠른 완전관리형 데이터 웨어하우스로, 모든 데이터를 표준 SQL 및 기존 BI(비즈니스 인텔리전스) 도구를 사용하여 간편하고 비용 효율적으로 분석할 수 있습니다. Amazon Redshift의 보안관련 기능들은 아래와 같습니다.
Bookmark
- Amazon Redshift의 보안
- 가이드 - Ensure an Amazon Redshift cluster is encrypted upon creation
- Blog - Protect and Audit PII data in Amazon Redshift with DataSunrise Security
- Blog - How to enable cross-account Amazon Redshift COPY and Redshift Spectrum query for AWS KMS–encrypted data in Amazon S3
- Blog - Federate Database User Authentication Easily with IAM and Amazon Redshift
- Blog - Create an Amazon Redshift Data Warehouse That Can Be Securely Accessed Across Accounts
- Blog - Achieve finer-grained data security with column-level access control in Amazon Redshift
- Blog - Federate Amazon Redshift access with Microsoft Azure AD single sign-on
- Blog - Restrict Amazon Redshift Spectrum external table access to Amazon Redshift IAM users and groups using role chaining
- Blog - Federate access to your Amazon Redshift cluster with Active Directory Federation Services (AD FS): Part 1
- Blog - Federate access to your Amazon Redshift cluster with Active Directory Federation Services (AD FS): Part 2
- Blog - Federating single sign-on access to your Amazon Redshift cluster with PingIdentity
- Blog - Enabling multi-factor authentication for an Amazon Redshift cluster using Okta as an identity provider
- Blog - Federating Amazon Redshift access from OneLogin
- Blog - Automating DBA tasks on Amazon Redshift securely using AWS IAM, AWS Lambda, Amazon EventBridge, and stored procedures
- Blog - Enable private access to Amazon Redshift from your client applications in another VPC
- Blog - Amazon Redshift identity federation with multi-factor authentication
- Blog - Federated authentication to Amazon Redshift using AWS Single Sign-On
- Blog - Security considerations for Amazon Redshift cross-account data sharing
- Blog - Federate Amazon Redshift access with SecureAuth single sign-on
- Blog - Cybersecurity Awareness Month: Learn about the job zero of securing your data using Amazon Redshift
- Blog - Use the default IAM role in Amazon Redshift to simplify accessing other AWS services
- Blog - Use the default IAM role in Amazon Redshift to simplify accessing other AWS services
- Blog - Data Tokenization with Amazon Redshift and Protegrity
- Blog - Federate access to Amazon Redshift using the JDBC browser plugin for Single Sign-on authentication with Microsoft Azure Active Directory
- Blog - Set up cross-account audit logging for your Amazon Redshift cluster
- Blog - Federated access to Amazon Redshift clusters in AWS China Regions with Active Directory Federation Services
- Blog - Integrate Amazon Redshift native IdP federation with Microsoft Azure AD and Power BI
- Blog - Simplify management of database privileges in Amazon Redshift using role-based access control
- Blog - Integrate Amazon Redshift native IdP federation with Microsoft Azure AD and Power BI
- Blog - Simplify management of database privileges in Amazon Redshift using role-based access control
- Blog - Integrate Amazon Redshift native IdP federation with Microsoft Azure AD using a SQL client
- Blog - Share data securely across Regions using Amazon Redshift data sharing
- Blog - Secure data movement across Amazon S3 and Amazon Redshift using role chaining and ASSUMEROLE
- Blog - Federate access to Amazon Redshift query editor V2 with Active Directory Federation Services (AD FS): Part 3
- Blog - Federate single sign-on access to Amazon Redshift query editor v2 with Okta
- Blog - Use AWS CloudWatch as a destination for Amazon Redshift Audit logs
- Blog - Achieve fine-grained data security with row-level access control in Amazon Redshift
- Blog - Accelerate resize and encryption of Amazon Redshift clusters with Faster Classic Resize
- Blog - Integrate Amazon Redshift row-level security with Amazon Redshift native IdP authentication
- Blog - Fine-grained entitlements in Amazon Redshift: A case study from TrustLogix
Amazon QLDB
Amazon QLDB는 완전관리형 원장 데이터베이스로, 중앙의 신뢰할 수 있는 기관이 소유하는 투명하고, 변경 불가능하며, 암호화 방식으로 검증 가능한 트랜잭션 로그를 제공합니다. Amazon QLDB의 보안관련 기능들은 아래와 같습니다.
Bookmark
- Security in Amazon QLDB
- Solutions - Tamper Proof Quality Data Using Amazon QLDB
- Blog - Real-world cryptographic verification with Amazon QLDB
- Blog - How fEMR Delivers Cryptographically Secure and Verifiable Medical Data with Amazon QLDB
- Blog - How Shinsegae International enhances customer experience and prevents counterfeiting with Amazon QLDB
Amazon DocumentDB
Amazon DocumentDB(MongoDB 호환)는 MongoDB 워크로드를 지원하는 빠르고, 확장 가능하며, 가용성이 높은 완전관리형 문서 데이터베이스 서비스입니다. Amazon DocumentDB의 보안관련 기능들은 아래와 같습니다.
Bookmark
- DocumentDB의 보안
- Blog - Introducing role-based access control for Amazon DocumentDB (with MongoDB compatibility)
- Blog - Evaluate Amazon DocumentDB (with MongoDB compatibility) configurations using AWS Config
- Blog - Introducing Amazon DocumentDB (with MongoDB compatibility) user-defined roles for access control
Amazon Keyspaces
Amazon Keyspaces는 고가용성의 확장 가능한 관리형 Apache Cassandra 호환 데이터베이스 서비스입니다. Amazon Keyspaces의 보안관련 기능들은 아래와 같습니다.
Bookmark
Amazon MemoryDB for Redis
Amazon MemoryDB for Redis는 초고속 성능을 위한 Redis 호환, 내구성, 인메모리 데이터베이스 서비스입니다. Amazon MemoryDB for Redis의 보안관련 기능들은 아래와 같습니다.
Bookmark
Amazon Timestream
IoT 및 운영 애플리케이션으로 제공되는 확장이 용이한 고속 서버리스 시계열 데이터베이스 서비스인 Amazon Timestream에서는 관계형 데이터베이스에 비해 최대 10배나 저렴한 비용으로 1,000배 더 빠르게 매일 수조 건의 이벤트를 쉽게 저장하고 분석할 수 있습니다. Amazon Timestream의 보안관련 기능들은 아래와 같습니다.
Bookmark
Database과 관련된 기타 유용한 링크들
준비중.
Remarks
- 이 사이트의 모든 내용은 바뀌거나 수정될 수 있습니다.
- 공식적인 상세한 내용은 http://aws.amazon.com 의 내용을 참조하십시오.
- 제공되는 내용에 이견이 있거나 잘못된 링크를 발견하시면, 관리자(gisunlim@amazon.com)에게 메일을 주시면 대단히 감사하겠습니다.
개인 정보 보호 정책 | 사이트 이용 약관 | © 2020, Amazon Web Services, Inc. 또는 자회사. All rights reserved.