Starting Soon! Want to secure workload access to LLMs like ChatGPT? Join Our Webinar | Today at 1 pm. PT

Aembit Earns Prestigious Runner-Up Spot at RSA Innovation Sandbox Contest! Watch the Announcement

RSAC™ Innovation Sandbox FINALIST 2024 banner
Aembit is an RSA Conference Innovation Sandbox finalist! Read the news
Blog

Aembit Product Update February 2023

Aembit Product Update February 2023 - aembit and mysql

MySQL Support

Aembit continues to add support for managing access to a wide variety of databases from your workloads. We previously announced support for PostgreSQL and Amazon Redshift, and recently we released support for MySQL databases! This includes support for managed MySQL engines from major cloud providers, including Amazon RDS for MySQLAzure Database for MySQL, and Google Cloud SQL for MySQL.

In addition to supporting the MySQL protocol, Aembit makes it easier to enable TLS at your MySQL instances and connect to them securely wherever they are.

Organizations often expose MySQL instances internally or externally over the internet without TLS enabled. That creates a tremendous risk of leaking massive amounts of sensitive data about your customers and employees.

Even if your client workloads don’t yet support encrypted connections, Aembit Edge will securely proxy the MySQL protocol from non-TLS-enabled client workloads to TLS-enabled instances.

Query Parameter Injection for HTTP

Many HTTP-based API services, like Apigee, utilize API Keys for authenticating requests. To achieve this authentication mechanism, those services sometimes expect the API Key to be presented in the HTTP Query Parameters of the request.

In the HTTP request, this is going to be the first line that is sent from the client and includes: the HTTP Method (e.g., GET), the full URL (including host and path), and the HTTP version. For example:

GET http://api.example.com/hello-world/get HTTP/1.1

To support services that require an API Key to be transmitted via a query parameter, Aembit Edge can now automatically inject the credential into the URL when a workload is authorized to access the service.  Thus, the request would end up being interpolated based on something like the following:

GET http://api.example.com/hello-world/get?{PARAM_NAME}={CREDENTIAL} HTTP/1.1


Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads.

We invite you to try it today!

You might also like

Aembit Workload IAM extends RBAC by grouping and isolating non-human resources and policies within an organization or tenant.
As organizations emphasize safeguarding non-human identities, you must balance immediate security measures with long-term oversight and compliance.
Sticky note security now plagues application and service connections, necessitating a shift to more mature workload access safeguards.