IAM roles can be used to connect to your database.
Though discouraged username and password can be used to connect to database.
Database master and replicas can be encrypted using KMS, configured before launch.
Read Replicas can only be encrypted if master is encrypted.
To enable encryption on a unencrypted database, one has to take a snapshot, restore as encrypted.
TLS-ready by default, use AWS TLS root certificate at client side.
Last updated 1 month ago