- Create AWS RDS
- Add our AWS RDS to Heroku/Change Database_URL
- Authorizing Heroku access to RDS instance
- Open Database in PostgreSQL
- Push Project to heroku
1 – Create AWS Relational Data Service (RDS)
In you AWS account go to Databases –> RDS
Next Select “Create Database” and select you database type. We will be using “PostgreSQL” for this example.
Go ahead and complete the form. When we get to settings you will want to give you database Instance a Name, Username and Password.
In the next page of the form you can leave most of the fields to default unless you have specific preference. The main thin here is to give you database a name.
Once you submit the form your database should be created and you can now view you database from the instances tab
2 – Add our AWS RDS to Heroku
By default Heroku will usually create a new database for you. We will need to delete this database and add in our DB form AWS.
Lets delete our database first. To delete your existing Database go you project in heroku, then “Resources”. If you have a databases you will see it in “Addons”. You will be able to delete it from there. You cannot delete this direclty from “Config Vars”
No that we have deleted our old database we can now manually set Configuration variable.
Create a varble call DATABASE_URL and add the following:
Min looks like this:
This now points heroku to your amazon database. Now all we have to do is go back to our amazon database and configure the SSL and Security group
You can grab that last piece after the password in you database instance under “Endpoint”
3 – Authorizing Heroku access to RDS instance
Configure the RDS instance to only accept SSL-encrypted connections from authorized users
From you RDS dashboard go to “Parameter groups” and click on “Create Parameter Group”.
Go ahead and create a parameter group. Once you have created you parameter group go ahead and click on it and search for “rds.force_ssll”.
Change the value of rds.force_ssl and set the value to “1” and save edits.
Configure RDS the security group to allow all incoming IP Ranges
From you dbinstance under details → Security and network find and click on security groups. This will take you to the EC2 management console.
Make sure your group ID is selected and choose inbound, then “Edit”
Change the source to anywhere and save.
4 – Open Database in PostgreSQL
To view you database make sure you have Postgres installed locally.
Start by creating a new server. Once we named our server we need to go to connection and us our AWS RDS credentials to connect.
Our Hostname is the same DB instance we used to connect in heroku.
Use the password and username you created earlier when we first created our database on AWS
5 – Push Project to Heroku
If you have done so yet we need to make sure to push the newest version of out project to make sure our “AWS RDS SSL Root certificate” we added in step 2 is on our live server.
Downloading and installing AWS RDS SSL Root certificate
This file helps encrypt the connection to our Database. You can find this file by doing a simple google search “AWS RDS SSL Root certificate” or going to the link directly. Choose the link that describes you database. I used the link avalible for all databases instances under the list.
Clicking one of the links should download the following file.
I am using “Django” for my project so this file will go right into the root directory of my project
I renamed my file to “root certificate.pem” so dont let that confuse you 😉