aws-rds-dev-db-automation
DevOps project to automate the creation of a fresh Clone from the production database with sanitized data
Setup
- Create the following
DEV-DB-CreationIAM policy with the following access
- Create an EC2
DEV-DB-CreationIAM role and attach theDEV-DB-Creationpolicy - If running in EC2 assign the role to the EC2 instance
NOTE: This is a suggested policy. Feel free to harden it as you feel appropriate.
Usage
Installation
npm i -g aws-rds-dev-db-automationGenerate the default configuration
The first time the program runs it will write a default configuration to ./config.json
aws-rds-dev-db-automationRun the automation tasks
Run the program once the configuration has been properly edited. The file defaultConfig.js contains all the possible parameters.
aws-rds-dev-db-automationHow does it work?
This program runs multiple automation tasks. Each task can be enabled/disabled independently.
1- Restore the most recent snapshot of an RDS instance. The application verifies the restored instance is ready for use before finishing.
2- Change the master password of the newly created database. The application verifies the instance is ready for use before finishing.
3- Sanitized the restored database. The application runs a list of configured scripts to delete sensitive production data.
4- Delete old development databases created using the application. Only the most recent one is kept.
5- Update an environment setting in an Elastic Beanstalk environment that contains connection string details to point to the most recent restored database.