Hi all,
We have a client security requirement to restrict Appian Mysql Cloud Database access. Is there an alternative approach to Access the cloud MySQL database with out inbuilt PHP site.
Note: If possible an approach that doesn't involve VPN access.
thank you
v/r
Rama
Discussion posts and replies are publicly visible
Hello Rama,
I have to say this is a really nice question I would like to understand little more about this. are you able to tell us about: What is the reason behind that request? any security problem with the PHPMyAdmin? any vulnerability we might need to be aware?
First of all please open a Appian Case on which you ask them for options. If your security team do not like the PhpMyAdmin and they don't want VPN then how? is there any tool that is better than those? Maybe what they really want is more like a read only access?
AFAIK, If they want close the access to the DB thru PHPMyAdmin there is a group named "Database Administrators" just block the access After that everybody will not be able to login. just be careful not sure you want to remove the admins? Or ask Appian Appian Support if they can remove it or at least remove the phpMyAdmin application from the server at least give access to the service accounts and as I said. and this could work if you want to limit just certain set of people.
That will be half of your requirement. The other half which is how to access the database now that you don't have that, well I see two options
1) Get premium access use the VPN and connect using the "Enhanced Data Pipeline"
https://docs.appian.com/suite/help/19.1/Enhanced_Data_Pipeline_for_Appian_Cloud.html
2) You have to think really carefully what do you want to do with the Database because you need to build it all in Appian.
I can imagine this was not the answer you expected but maybe if you talk to
Jose
At this time there is no alternative db access option without a VPN.
As mentioned by , for reading from the database, the Enhanced Data Pipeline Option is an offering available today for cloud customers who meet the necessary conditions.
Note that for Appian Cloud, Access to the database web interface is secured using the Database Administrators Group.
Perhaps you can adjust how this group is configured to better suit your needs.
Thank you @josep and Robert Shankin for your inputs, our client do have premier support from Appian and Client doesn't even want System Administrator to access the DB (No Access -- Client security guideline No to PHP). At this we don't have time to go through the security assessment for opening any tunnel. We raised a support ticket with Appian and will update accordingly.