> case, I will need to expose the internal database server to the Web via
> TCP, right?
Technically, yes, but you still have pretty fine-grained control over who can
come in to your database, via Postgres things like pg_hba.conf and good passwords,
as well as OS-level things like iptables and port knocking.
> If so, there is a way to make the master send the data to standby?
You could certainly use traditional file-based log shipping to move the
WAL files from the master to the standby, by any secure means you want,
iincluding an intermediary system. However, this can be hard/impossible
for SaaS things like Heroku and RDS, which don't allow complete
file-level access.
--
Greg Sabino Mullane greg@endpoint.com
End Point Corporation
PGP Key: 2529 DF6A B8F7 9407 E944 45B4 BC9B 9067 1496 4AC8