Synchronize DB Resources in AWS

Overview

QueryPie offers seamless integration with AWS for database registration and management. With this integration, you can synchronize resources from AWS and effortlessly register them as databases managed by QueryPie. Additionally, you can grant access to these databases for users and groups, and establish customized policies to ensure efficient management.

Register AWS Integration Information in QueryPie

1. From the Database Settings menu, navigate to the Cloud Provider menu.

2. Click on the Create Provider button located in the upper right corner.

3. In the Name field, enter a descriptive name to identify this provider.

4. In the Cloud Provider field, select Amazon Web Services.

5. In the Region field, select the appropriate region for the resources you wish to synchronize.

6. Provide the required Credential information necessary for synchronizing the resources.

   1. Refer to the "Setting Up Authentication Methods by Credential Type" section for a detailed explanation of each credential method.

7. In the Database Type Filter field, specify the types of resources you want to synchronize.

8. In the Replication Frequency field, select the desired synchronization method.

   1. Manual : Synchronize resources manually as needed.

   2. Scheduling : Schedule periodic synchronization using Cron Expressions.

9. Click the Save button to save the Cloud Provider configuration.

Set Up Authentication Methods by Credential Type

• Default Credentials (Instance Profile): If your QueryPie server is deployed within the same AWS account as the resources you wish to synchronize, you can utilize the Instance Profile IAM permissions. Assign the appropriate policy to the EC2 instance where QueryPie is installed to enable resource synchronization within the same AWS environment.

AWS IAM Policies required to synchronize each database resource

• RDS : AmazonRDSReadOnlyAccess

• DynamoDB : AmazonDynamoDBFullAccess

• Redshift : AmazonRedshiftReadOnlyAccess

• Athena : AmazonAthenaFullAccess

• Redis : AmazonElastiCacheReadOnlyAccess

• Cross Account Role: To synchronize resources from different AWS accounts, you can create an IAM role. Follow the on-screen instructions to create permissions and assign policies for synchronization. Ensure to set the AWS account where QueryPie is installed in the AWS_ACCOUNT_ID entry of the environment variable file to facilitate resource synchronization through this credential.

• Access Key: With this authentication method, manual synchronization is possible. After saving the configuration, initiate a one-time synchronization by providing the Access Key of your AWS account when clicking the Synchronize button on the Provider details screen.

Synchronize and Manage Registered AWS Cloud Providers

1. From the Database Settings menu, navigate to the Cloud Provider menu.

2. Select the registered Cloud Provider to access its details screen.

3. Click on the Synchronize button located in the top-right corner to initiate the synchronization process with AWS.

4. You can monitor the synchronization progress through the Synchronization Log displayed, and review the synchronization history in the General Settings > Systems > Jobs menu.

5. Once a cloud provider is registered, certain basic information and credentials cannot be modified:

   1. Name: Changeable

   2. Cloud Provider: Unchangeable

   3. Region: Unchangeable

   4. Credential: Unchangeable

   5. Role ARN: Unchangeable

   6. Database Type Filter: Changeable

   7. Replication Frequency: Changeable

Synchronizable Resource Items

• Amazon RDS (MySQL, MariaDB, PostgreSQL, SQL Server, Oracle), DynamoDB, Redshift, DocumentDB, Athena, Redis (ElasticCache)

Related Topics

• DB Access Policies

• DB Access Control

• Register Connections Manually

• Set Connection Details and Policies

Back to DB Management