How can I protect AWS RDS via Cloudflare Zero Trust

Hi,

I am wondering if I can protect my amazon rds via Cloudflare Zero Trust.

Which part of the communications you are trying to secure? Between EC2 and RDS inside a VPC or between public users from the Internet and the RDS in the VPC?

Hi,

Thanks for the quick response. The part between public users from the Internet and the RDS.
Let’s say if they want to connect directly to the database for manual queries(support).

1 Like

There’s no known documentation on how to setup this, however this documentation should be pretty similar.

https://developers.cloudflare.com/cloudflare-one/tutorials/ssh/

What to change:

  1. When you configure config.yml, point the service to tcp://RDS_HOST:3306 instead of ssh:// (Assume that your RDS is listening on port 3306)
  2. If you want to connect from your PC, cloudflared software needs to be downloaded from your PC too. Then, run cloudflared access tcp --hostname rds_host.example.com --url localhost:3306. Lastly, open your database access software to talk to localhost:3306. You can change the port to something else, as long as you point to the correct port number when you try to connect.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.