Best practices for managing database users?
What's the best practices for managing RDS database users in the Reference Architecture, or Gruntwork ecosystem? --- <ins datetime="2022-07-25T18:57:24Z"> <p><a href="https://support.gruntwork.io/hc/requests/109054">Tracked in ticket #109054</a></p> </ins>
Gruntwork doesn't currently have an opinionated way of managing database users, and so it largely depends on what the team is comfortable with. With that said, in general, there are two basic options you can use: - **Use traditional SQL client interfaces to manage the database roles.** Your team and DBAs may already have a preferred tool they like to use to interact with the database for administrative tasks. You can set up access from these clients to the database once you have VPN configured on your local machine. - **Use Terraform to manage database roles.** Depending on the database engine you have chosen, you may be able to find a third party Terraform provider for managing database users/roles. For example, [mysql provider](https://registry.terraform.io/providers/petoju/mysql/latest/docs) or [postgresql provider](https://registry.terraform.io/providers/cyrilgdn/postgresql/latest/docs). Note that these providers still depend on direct access to the database, which means that you will need to be connected to the VPC over a VPN connection to deploy these.