Skip to content
User Guides
Integrations
Databases
Amazon RDS PostgreSQL

Amazon RDS PostgreSQL

This Integration requires Fides Cloud or Fides Enterprise. For more information, talk to our solutions team. (opens in a new tab)

RDS PostgreSQL (opens in a new tab) extends standard PostgreSQL functionality to help organizations set up, operate, and scale their solution on the cloud.

Prerequisites

In order to integrate with RDS PostgreSQL, you'll need to collect the following information from the database adminstrator:

  • Authentication Method: Determines which type of authentication method to use for connecting to Amazon Web Services. More details are provided below.
  • Access Key ID & Secret Access Key: The credentials that provide access to your AWS account. These can be found or created in a IAM user's Security credentials tab.
  • DB Username: The user account used to authenticate and access the database.
  • Assume Role ARN: If provided, the ARN of the role that should be assumed to connect to AWS.
  • Region name: The AWS region where your RDS PostgreSQL Database is located (e.g. us-west-2). This is visible when logging into the AWS Management Console (opens in a new tab).

These connection details can be provided through the form described below, using 'secret key' authentication; this is recommended. Alternatively, 'automatic' authentication provides you the option to set connection credentials as environment variables in your Fides deployment by following these instructions (opens in a new tab).

Additionally, the Fides AWS account will need sufficient permissions in its IAM policy Statement to submit requests to the database. For example, the statement object below permits Fides sufficient permissions to issue Access requests.

"Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "rds-db:connect"
            ],
            "Resource": [
                "arn:aws:rds-db:REGION:12345:dbuser:cluster-NAME/fides_user_name"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "rds:DescribeDBClusters"
            ],
            "Resource": [
                "arn:aws:rds:REGION:12345:cluster:*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "rds:DescribeDBInstances"
            ],
            "Resource": [
                "arn:aws:rds:REGION:12345:db:*"
            ]
        }
    ]

Of course, the user account referenced above will need sufficient permissions on the database. These can be set using the following commands:

CREATE USER username WITH LOGIN;
GRANT rds_iam TO username;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO username;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO username;

Integrating with RDS PostgreSQL

To integrate an existing system with RDS PostgreSQL:

  1. Navigate to Data mapView Systems and choose the system that you want to connect to
  2. Click on the Integrations tab.
  3. Pick the vendor or system type that you want to integrate with from the Connection type drop-down menu.
  4. Complete the required fields for the integration and click Save.

You may confirm your connection is working using the Test connection button, if desired.

To learn more, please see our guide for Managing Integrations.

Configuring a dataset

A dataset is required to configure an integration to this database. A dataset is a configuration file that tell Fides how to query and update data in the database. To learn more about how to create and manage datasets, please see our Managing datasets guide.

Amazon RedshiftGoogle BigQuery