Listing Thumbnail

    Baffle Trial for RDS & Aurora PostgreSQL

     Info
    Free Trial
    Baffle's data-centric protection enables organizations to comply with the latest data protection regulations and cybersecurity frameworks. Baffle provides the benefits of application-level encryption without code changes, providing you the most flexible solution for protecting sensitive data in AWS.
    Listing Thumbnail

    Baffle Trial for RDS & Aurora PostgreSQL

     Info

    Overview

    With Baffle, Amazon RDS and Aurora are the only PostgreSQL cloud services that have more data security capabilities than Oracle and MS SQL Server, enabling you to migrate off of costly legacy databases and securely modernize your applications.

    Challenges Regulations and security frameworks, such as GDPR, NIST, CCPA, and PCI, demand control & "least privilege" access to sensitive data in AWS. Baffle provides application-level encryption (the gold standard for data security) without the cost, time, and effort of other products.

    Solution Baffle has 4 key features:

    • No-code Implementation deploys and protects your data and 3rd party apps in hours, not weeks/months
    • Highly performant and scalable architecture mean applications continue to meet their SLAs
    • Data-in-Use Protection ensures data is protected, even from compromised database or cloud admin accounts
    • Role-based Access Control ensures only authorized users can access sensitive data in clear text

    Benefits Baffle's solution is easy to deploy, fast and scalable, provides comprehensive and flexible security which quickly protects your sensitive data, speeds time to value, reduces your costs to to implement and maintain, and virtually eliminates the impacts of a data breach

    Highlights

    • Easy: Baffle's No-code Implementation means no application code changes are required to deploy and use as well as any changes in data protection policies dont impact application development
    • Fast: Baffle's architecture ensures fast, scalable performance, adapting to increased loads through vertical or horizontal scaling. It optimizes cryptographic operations with hardware capabilities.
    • Comprehensive: Baffle's Data-in-use Protection secures data during access, maintaining a fail-safe posture even in breaches. It complements data security at rest and in transit.

    Details

    Categories

    Delivery method

    Delivery option
    Baffle Trial for RDS & Aurora PostgreSQL

    Latest version

    Operating system
    AmazonLinux 2015.05.04

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product at no cost for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Baffle Trial for RDS & Aurora PostgreSQL

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (6)

     Info
    Instance type
    Product cost/hour
    EC2 cost/hour
    Total/hour
    t2.large
    $0.50
    $0.093
    $0.593
    t3.large
    $0.50
    $0.083
    $0.583
    t3.xlarge
    $0.50
    $0.166
    $0.666
    m4.xlarge
    $0.50
    $0.20
    $0.70
    m5.large
    $0.50
    $0.096
    $0.596
    m5.xlarge
    $0.50
    $0.192
    $0.692

    Vendor refund policy

    Free 30-day trial. Refunds are handled on a case-by-case basis via support.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Baffle Trial for RDS & Aurora PostgreSQL

    "This CloudFormation (CF) template automates the setup for Baffle Data Protection for Databases on AWS. It orchestrates the creation of various resources necessary for the workflow, streamlining the process and ensuring consistency.

    The template begins with parameter definitions allowing customization of workflow options, user credentials, and IP whitelisting. It then employs conditions to adapt resource creation based on the selected workflow.

    The template provisions foundational resources like VPCs, subnets, internet gateways, and route tables for networking. It also sets up an S3 bucket and IAM roles for managing keys and permissions.

    For database management, it creates an RDS instance with custom settings, including disabling SSL and enabling logical replication. Secrets for database access are securely managed using AWS Secrets Manager.

    Security measures include the setup of EC2 security groups and IAM roles, ensuring controlled access to resources and encrypted data transmission.

    Additionally, the template facilitates Database Migration Service (DMS) setup for data replication tasks, providing endpoints and task configurations for migration operations.

    Outputs provide convenient access URLs for Baffle Manager, PGAdmin, and DMS migration tasks, along with commands for managing DMS tasks via AWS CLI.

    By encapsulating all these configurations into a single template, this CF script simplifies the deployment and management of Baffle Data Protection, fostering a secure and efficient data environment on AWS."

    CloudFormation Template (CFT)

    AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

    Version release notes

    Release 2.8.4.3

    Additional details

    Usage instructions

    Run the Cloud Formation script and use the following guide https://quickstart-baffle.s3.us-east-2.amazonaws.com/Quickstart+POC+-+Baffle+Data+Protection+for+Amazon+RDS+and+Aurora+(PostgreSQL)/AWS+Baffle+Static+Masking+for+Lower+Environment.docx.pdf  The IAM role named BaffleShieldRole is designed with three key policies: Assume Role Policy: This policy allows EC2 instances to assume the role. Consequently, these instances gain permissions granted by the role to interact with other AWS services. AccessBaffleDBSecret Policy: Grants permission to retrieve sensitive information, such as database credentials (BaffleDBSecret), from AWS Secrets Manager. AccessScriptBucketAccess Policy: Provides access to an S3 bucket (BaffleKeyStorageBucket) for various operations, including listing and deleting objects. Scripts are downloaded from a public GitHub repository. The scripts used by the deployment of the Baffle service to get up-to-date configuration. An email ID is requested to create an account with the Baffle service. The email ID is used to ensure uniqueness of the account name. The email ID is not collected nor will Baffle send emails to that email ID

    Resources

    Vendor resources

    Support

    Vendor support

    PLEASE NOTE: Pricing is for illustration purposes only and varies depending on customer environment, requirements and other factors. Please contact us at for more details.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    No customer reviews yet
    Be the first to write a review for this product.