To know:
Master DB and replica encryption using AWS KMS - must be define at launch time
If the master is not encrypted, the read replica can not be encrypted.
To encrpt and unencrypted database, go though a DB snapshot & restore as encrypted
Can using IAM authenticatication instead of username/password
IAM authenticatication
Security group
Audit Logs can be enabled and sent to CloudWatch for longer retention
Last updated 1 year ago