What It Actually Takes to Audit Aurora PostgreSQL on AWS
Auditing Aurora PostgreSQL on AWS requires careful planning and implementation. The process focuses on tracking individual human user actions rather than application service accounts. This article outlines the architectural decisions and engineering efforts necessary to create an effective audit solution.
- ▪The audit solution targets individual human users making direct changes to application tables.
- ▪pgAudit on Aurora PostgreSQL does not have policy-based object/action targeting like Oracle's Unified Auditing.
- ▪The architecture involves using CloudWatch Logs, Lambda, and CloudWatch Alarms to monitor and alert on audit events.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3372066) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Pranay ravi Posted on May 21 What It Actually Takes to Audit Aurora PostgreSQL on AWS #aws #postgres #security #devops Most operational infrastructure starts this way: a requirement appears before the architecture does. One day the team needed a database audit solution. Not in a planning doc — someone asked, and I had to build something. I'd owned the Oracle audit pipeline already, so I knew what the destination looked like.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
