LogoLogo
  • Welcome to WorkSpaces Manager
  • Overview
    • Change Log
      • Stable
      • Beta
    • Portal Requirements
      • Software Requirements
      • Hardware Requirements
    • Installation Prerequisites
      • Active Directory Service Account
      • Amazon WorkSpaces Cost Optimizer
      • CloudWatch Log Group & Eventbridge Rule
      • Port Requirements
      • AWS Service Endpoints
    • Installation Procedure
      • Subscribe to WorkSpaces Manager License Key
      • Request a License Key
      • Subscribe to WorkSpaces Manager Appliance
      • Deploy WorkSpaces Manager Appliance via CloudFormation
      • Configure WorkSpaces Manager
    • Upgrade Procedures
      • From Version 5
      • WSM Update Tool
      • Latest Version Updates
    • Alternate deployment options
      • Install manually on EC2
      • Deployment from Shared AMI
        • Security Group
        • IAM Requirements: Custom Policies
        • IAM Requirements: Role and EC2 instance profile
        • Shared AMI (Amazon Machine Image)
      • Create AMI via Packer
      • Deploy an RDS Database via Terraform
    • WorkSpaces Performance Monitor Agent
    • High Availability (HA)
    • Appendices
      • Administrator Active Directory Permissions
      • SES Configuration
      • HTTPS/TLS Encryption
      • Friendly Portal URL Address
      • GPO and values for WorkSpaces Performance Monitor Agent
      • GPO and value for Disconnection after idle time
      • IAM Policies in JSON format
      • AWS CLI v2
      • LDAP (Active Directory) Troubleshooting for WSM
      • RDS Database Options
Powered by GitBook
On this page
  1. Overview
  2. Alternate deployment options

Deploy an RDS Database via Terraform

Amazon Relational Database Service (Amazon RDS) is an easy-to-manage relational database service optimized for total cost of ownership.

PreviousCreate AMI via PackerNextWorkSpaces Performance Monitor Agent

Last updated 6 months ago

In scenarios where the MS-SQL Database is decoupled from the Portal Application, it's recommended to run the database using the AWS RDS managed service for better scalability, availability, and management. The database must use an MS-SQL engine, which can be deployed in any of its supported versions.

There are multiple ways to deploy the MS-SQL database on AWS RDS, but to streamline the process, we provide an example of how to deploy it using Terraform in our Git repository. This example includes all the necessary configurations for setting up an RDS instance with MS-SQL, ensuring it integrates seamlessly with the WorkSpaces Manager environment.

Once the database has been deployed —whether via Terraform, CloudFormation, or manually on an EC2 instance— you need to configure the database to allow connections from the WorkSpaces Manager Appliance. At a minimum, this configuration should include:

  1. Database Access: Set up a username and password for the WSM Appliance to connect to the database.

  2. Security Group Configuration: Ensure that the database's security group allows inbound traffic on TCP/1433 (MS-SQL) from the IP address or VPC of the WSM Appliance.

  3. Secrets Manager: Store the database credentials (username and password) in AWS Secrets Manager for secure access by the WSM Appliance.

By storing the credentials in Secrets Manager, the WSM Appliance can securely retrieve and use them during operations, reducing the need for hardcoded credentials and improving security.

The retrieval of credentials is done in real-time by calling the AWS Secrets Manager API, ensuring that no sensitive information is stored or cached elsewhere. This process enhances security, as the credentials are only accessed when needed and are not exposed in any configuration files or logs, reducing the risk of unauthorized access.

Nuvens-Public / WSM-RDS-SQL · GitLabGitLab
Logo