
Avoid having application servers provision the RDS root user's password #69

Open
tinnightcap opened this issue Apr 27, 2017 · 4 comments
Comments

@tinnightcap (Contributor)

From @gene1wood on November 3, 2015 23:55

Thanks so much for sharing how the RDS root password provisioning works in issue #98. Based on how the RDS root user password provisioning works, the application servers which set the root user's password, as a result, have root MySQL user access to the RDS database when they only need the access that the application user that they use is granted (e.g. no rights to create and delete other MySQL users).

Please provision the RDS root user's password through a different means to avoid this unnecessary privilege being granted to RDS clients.

Copied from original issue: tinnightcap/nubis-stacks#219
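One check that follows from the request above, added here as an example that is not part of the nubis project or this issue: parse `SHOW GRANTS` output and flag accounts holding account-management privileges, so an application user can be verified to carry only the grants it needs. The grant lines and account names are constructed, and the set of privileges treated as administrative is illustrative.

```python
import re

# MySQL privileges that allow managing other accounts or escalating; an
# application account should hold none of them (illustrative set, not exhaustive).
ADMIN_PRIVS = {"ALL PRIVILEGES", "CREATE USER", "GRANT OPTION", "SUPER"}

# Matches one line of SHOW GRANTS output, e.g.
#   GRANT SELECT, INSERT ON `bugzilla`.* TO 'bugzilla'@'%'
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+"
    r"(?P<user>[`'][^`']*[`']@[`'][^`']*[`'])(?P<opts>.*)$",
    re.IGNORECASE,
)

def parse_grant(line):
    """Split a GRANT statement into user, scope and the set of privileges."""
    m = GRANT_RE.match(line.strip())
    if not m:
        raise ValueError("not a GRANT statement: %r" % line)
    privs = {p.strip().upper() for p in m.group("privs").split(",")}
    if "WITH GRANT OPTION" in m.group("opts").upper():
        privs.add("GRANT OPTION")
    # Normalise quoting so 'u'@'h' and `u`@`h` compare equal.
    user = m.group("user").replace("`", "'")
    return {"user": user, "scope": m.group("scope"), "privs": privs}

def admin_privileges(grants, user):
    """Return the account-management privileges `user` holds on any scope."""
    held = set()
    for g in grants:
        if g["user"] == user:
            held |= g["privs"] & ADMIN_PRIVS
    return held

def audit(show_grants_output, app_users):
    """Map each application user to the admin privileges it should not have."""
    grants = [parse_grant(l) for l in show_grants_output.splitlines() if l.strip()]
    return {u: sorted(admin_privileges(grants, u)) for u in app_users}

# Constructed SHOW GRANTS output for three accounts (not from a real instance).
SAMPLE_GRANTS = """
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION
GRANT USAGE ON *.* TO 'bugzilla'@'%'
GRANT SELECT, INSERT, UPDATE, DELETE ON `bugzilla`.* TO 'bugzilla'@'%'
GRANT SELECT, CREATE USER ON *.* TO 'deploy'@'10.0.0.%'
"""

if __name__ == "__main__":
    users = ["'root'@'%'", "'bugzilla'@'%'", "'deploy'@'10.0.0.%'"]
    for user, privs in audit(SAMPLE_GRANTS, users).items():
        print(user, "OK" if not privs else "over-privileged: " + ", ".join(privs))
```

Run against the real `SHOW GRANTS FOR <user>` output of each application account; only the account that is meant to provision the database should ever report anything.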

@tinnightcap (Contributor, Author)

From @gdestuynder on November 3, 2015 23:59

@tinnightcap @RichardWeiss can you confirm that for all 4 apps in Nubis plan B there is only 1 or no database user per app (which means not having separate RDS users is a lower risk)?
These 4 apps being:

  • EDNS/akamai
  • Bugzilla
  • LDAP Okta Agent
  • LDAP master

The risk would be higher for future apps if these use multiple users.

@tinnightcap (Contributor, Author)

From @gozer on November 4, 2015 0:1

Only bugzilla uses a database, and it's going to be MySQL-on-ec2, so no more RDS at all, technically

@tinnightcap (Contributor, Author)

From @RichardWeiss on November 4, 2015 0:12

Confirming that it is only the Bugzilla database and that will be the only application running in that account.

@tinnightcap (Contributor, Author)

From @gdestuynder on November 4, 2015 0:19

Thanks! Lowered risk accordingly; we'll probably revisit that for future apps (thus I'd recommend leaving this one issue open).
