Skip to main content
Using AWS RDS provides a managed PostgreSQL database for Gorbit. This guide covers both basic and IAM authentication for enhanced security.

Guide

1

Create an RDS PostgreSQL instance

Navigate to the Amazon RDS console and create a new PostgreSQL database.
  • Click Create database
  • Select PostgreSQL as the engine type
  • Choose Standard create for the creation method
  • Select your preferred PostgreSQL version
  • Choose Production or Dev/Test template as needed
2

Configure database settings

Set up your database identifier, credentials, and instance configuration.Settings:
  • Set a descriptive DB instance identifier like gorbit-prod-db
  • Set Master username (e.g., postgres)
  • Set a strong Master password and confirm it
Instance configuration:
  • Choose an appropriate Instance class (e.g., db.t3.micro for testing, db.t3.medium for production)
  • Configure Storage size and enable autoscaling if needed
Save your database credentials securely - you’ll need them to configure Gorbit.
3

Configure connectivity and security

Set up network access and security groups for your database.
  • Select your VPC and Subnet group
  • Configure VPC security group to allow access from your Gorbit instance
  • Set Public access to “No” for production (recommended)
  • Choose your preferred Availability Zone
Click Create database to launch your RDS instance.
4

Configure Gorbit environment variables

Once your RDS instance is running, configure Gorbit to connect to it.Get your database details from the RDS console:
  • Endpoint: Found in the RDS instance details
  • Port: Typically 5432
  • Database name: Your database name or postgres if using default
For Docker deployments, add these variables to your .env file:
For EKS deployments, add these to your values.yaml file:
Gorbit will now connect to your RDS PostgreSQL instance using these credentials.

Optional: Enable IAM Authentication

For enhanced security, you can enable IAM database authentication instead of using static passwords. This allows Gorbit to connect using short-lived IAM credentials.
1

Enable IAM authentication on RDS

Navigate to your RDS instance in the AWS console and enable IAM authentication.
  • Go to your RDS PostgreSQL instance
  • Click Modify
  • Under Database authentication, enable IAM database authentication
  • Click Continue, then Apply immediately
2

Create IAM database user

Connect to your database and create a user for IAM authentication.Using your master credentials, run these SQL commands:
3

Configure IAM policy

Create an IAM policy to allow database connections.Get your DbiResourceId or DbClusterResourceId:
Create this IAM policy, fill in the region, account-id, resource-id, and attach it to your EC2 instance role:
4

Download SSL certificate

Download the RDS CA certificate bundle for secure connections.
The SSL certificate is required for IAM authentication to work properly.
5

Configure Gorbit for IAM authentication

Update your environment variables to use IAM authentication.For Docker deployments, add these variables to your .env file:
Mount the SSL certificate in your docker-compose.yml:
docker-compose-prod.yml
For Kubernetes deployments, add these to your values.yaml file:
Create a secret for the SSL certificate and mount it:
Next, we’ll mount the certificate in all of our containers in the values.yaml file.Go through each container and replace the empty volumes and volumeMounts with the following:
6

Restart Gorbit

Restart your Gorbit instance to apply the changes.
Docker
kubectl
For more details, see the AWS RDS IAM Authentication documentation.