As you can probably tell from the pace of releases on this blog, the Amazon RDS team has been designing, implementing, and deploying new features at a very rapid clip. They've added a number of data protection and security features to create a product that's a great match for enterprise deployments.
Today, we're announcing SSL support for RDS for SQL Server.
With this change, you can now protect and secure your data both in transit and at rest:
- Enable SQL Server SSL to protect data as it travels from your application server to your RDS database instance and back again.
- Use SQL Server's column level encryption to protect data at rest.
- Launch your RDS database instance running SQL Server in a Virtual Private Cloud for network isolation.
Enabling SSL Support
Here's all you need to do to enable SSL Support:
- Download a public certificate key from RDS at https://rds.amazonaws.com/doc/rds-ssl-ca-cert.pem
- Use the Microsoft Management Console (MMC) to import the certificate into Windows:
Making SSL Connections
You can establish an SSL connection to your RDB database instance running SQL Server in a number of ways. Here are two of the most common.
If you are making a programmatic connection to RDS, add "encrypt=true" to your connection string. For example:
If you use SQL Server Management Studio, select the "Encrypt connection" option:
I believe that the combination of these three features makes RDS for SQL Server a perfect fit for just about any enterprise. What do you think?
PS - Before you ask, you can also establish SSL connections to an RDS database instance running MySQL (see my blog post for more information).