Add a property to enable the disk encryption for postgres databases on AWS

EngineerBetter / control-tower

Deploy and operate Concourse CI in a single command

https://www.engineerbetter.com

Apache License 2.0

121 stars 39 forks source link

Add a property to enable the disk encryption for postgres databases on AWS #305

Closed max-soe closed 1 year ago

max-soe commented 1 year ago

We added the possibility to use encrypted disks for AWS Postgres Databases. The new property can be used during the inital deployment. Changes for already existing databases are not supported. Terraform would replace them with complete data lose.

Implementation steps:

- Add a KMS Key + Alias and connect them to the database
- Add a cli property to use the encrypted disk for AWS
- Deploy KMS Key + Alias only if the disk encryption is enabled
- Update the documentation

SaphMB commented 1 year ago

Thanks for the contribution @max-soe!