Shared hosting with FDW on AWS RDS
| От | auxsvr |
|---|---|
| Тема | Shared hosting with FDW on AWS RDS |
| Дата | |
| Msg-id | 4776368.YtMxgcCULL@localhost.localdomain обсуждение исходный текст |
| Ответы |
Re: Shared hosting with FDW on AWS RDS
|
| Список | pgsql-general |
Hi, We'd like to configure an RDS server for shared hosting. The idea is that every customer will be using a different databaseand FDW will be configured, so that the remote tables have access to the full data, but materialized views will bepulling from them data specific to each customer. So far, everything seems to work fine and be secure, as we've revokedaccess to the remote tables for the customer users, but I'm feeling a bit uneasy considering that the credentialsfor full access are stored in each database. My understanding is that remote user mapping is designed so thatthis will not be an issue, but I was wondering if access to the metadata schema might allow to circumvent this restriction.Also, I was wondering if someone has experience hardening databases on RDS, as the so called superuser does nothave the right to revoke access from the metadata schema. Comments and suggestions are welcome. -- Regards, Peter
В списке pgsql-general по дате отправления: