Question

A web application, which is hosted in your on-premises data center and uses a MySQL database, must be migrated to AWS Cloud. You need to ensure that the network traffic to and from your RDS database instance is encrypted using SSL. For improved security, you have to use the profile credentials specific to your EC2 instance to access your database, instead of a password. Which of the following should you do to meet the above requirement?

a. Setting up an RDS database and enable the IAM DB Authentication
b. Launching a new RDS database instance with the Backtrack feature enabled
c. Configuring your RDS database to enable encryption
d. Launching the mysql client using the --ssl-ca parameter when connecting to the database.

Answer 1

To meet the requirement of encrypting network traffic to and from the RDS database instance hosted on AWS Cloud, you should configure your RDS database to enable encryption and use the profile credentials specific to your EC2 instance to access the database.

Step-by-step explanation:

To meet the requirement of encrypting network traffic to and from the RDS database instance hosted in the AWS Cloud, you need to configure your RDS database to enable encryption. This can be done by selecting the option to enable encryption when creating or modifying the RDS instance. By enabling encryption, the network traffic will be encrypted using SSL.

To ensure improved security, you can use the profile credentials specific to your EC2 instance to access the database instead of a password. This can be achieved by launching the mysql client using the --ssl-ca parameter when connecting to the database. This ensures that the client uses the SSL certificate along with your EC2 instance profile credentials to establish a secure connection.