AWS PostgreSQL Audit Demo

"Who accessed the database?"

Who accessed the database?

Individual accountability and PII protection for database access

❌ Current Problem

  • Shared database credentials
  • No individual accountability
  • Difficult PII access tracking
  • Compliance challenges

✅ Our Solution

  • Individual user accounts
  • Complete audit trail
  • PGaudit logging
  • CloudWatch integration

🔐 Individual Accounts

Each engineer gets unique PostgreSQL credentials

📊 Audit Logging

PGaudit captures all database operations

🛡️ PII Protection

Sensitive data automatically masked

☁️ CloudWatch

Centralized logging and monitoring

🎬 Live Demo

PII Masking Demo

Watch: Engineers see masked PII data while admins access real data

📊 Audit Trail

Database Audit Logs

Complete audit trail: Who accessed what data and when

Quick Start

# Clone and deploy
git clone https://github.com/robertkruk/aws-pgsql-demo
cd aws-pgsql-demo
npm install && npx cdk deploy

# Run interactive demo
./scripts/setup-demo.sh
./scripts/demo-audit.sh
./scripts/view-logs.sh 30
View on GitHub Live Demo Guide