We want to keep our databases secure, but sometimes developers need access (think migrations, debugging, business information queries).

Ideally, database access is:

- Connected to existing developer authentication (single sign-on)
- Time limited
- Requires approval
- Leaves an audit trail

How do you achieve these conflicting goals?

Some approaches:

- Put the database in a public subnet and give developers database credentials. This is strongly discouraged by AWS etc. (why?). No audit trail or approvals process.
- Put the database in a private subnet with a VPN in a public subnet. Give developers database credentials. This requires credential management for the VPN and you need to pay for an additional server. Access is not time limited. No audit trail or approvals process.
- Something else... ?
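As an added illustration (not part of the original question, and not any particular product's code), here is a minimal "just-in-time access broker" in Python that shows how the four requirements above fit together: the requester's identity comes from SSO, a grant needs a separate approver, the credential it produces carries a hard expiry, and every step lands in an append-only audit log. The SSO identities, the approver list, the TTL policy and the clock values are all constructed for the demo; a real broker would mint a temporary database user or a database/IAM token with the same expiry instead of the HMAC-signed string used here.

```python
"""Added example: a toy just-in-time (JIT) database access broker.
Identities, approvers, policy limits and timestamps are constructed inputs."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed policy inputs (hypothetical): who may approve, and the longest grant allowed.
APPROVERS = {"alice@example.com"}
MAX_TTL_SECONDS = 4 * 3600


@dataclass
class Grant:
    grant_id: str
    requester: str          # identity asserted by SSO, not chosen by the user
    approver: Optional[str]
    database: str
    reason: str
    expires_at: float
    approved: bool = False


@dataclass
class Broker:
    signing_key: bytes
    audit_log: list = field(default_factory=list)
    grants: dict = field(default_factory=dict)

    def _audit(self, event: str, **fields) -> None:
        # Append-only trail; in production ship these to a write-once log store.
        self.audit_log.append({"event": event, **fields})

    def request(self, sso_identity: str, database: str, reason: str, ttl: int, now: float) -> str:
        if ttl <= 0 or ttl > MAX_TTL_SECONDS:
            raise ValueError("requested TTL outside policy")
        grant_id = secrets.token_hex(8)
        self.grants[grant_id] = Grant(grant_id, sso_identity, None, database, reason, now + ttl)
        self._audit("requested", grant_id=grant_id, requester=sso_identity,
                    database=database, reason=reason, ttl=ttl)
        return grant_id

    def approve(self, grant_id: str, approver: str, now: float) -> None:
        g = self.grants[grant_id]
        if approver not in APPROVERS or approver == g.requester:
            # Only listed approvers, and never the requester themselves.
            self._audit("approval_denied", grant_id=grant_id, approver=approver)
            raise PermissionError("approver not allowed for this grant")
        g.approver, g.approved = approver, True
        self._audit("approved", grant_id=grant_id, approver=approver)

    def credential(self, grant_id: str, now: float) -> Optional[str]:
        """Issue a short-lived token bound to an approved, unexpired grant, else None."""
        g = self.grants.get(grant_id)
        if g is None or not g.approved or now >= g.expires_at:
            self._audit("credential_denied", grant_id=grant_id)
            return None
        msg = f"{g.grant_id}|{g.requester}|{g.database}|{int(g.expires_at)}".encode()
        tag = hmac.new(self.signing_key, msg, hashlib.sha256).hexdigest()
        self._audit("credential_issued", grant_id=grant_id, requester=g.requester,
                    database=g.database, expires_at=g.expires_at)
        return msg.decode() + "|" + tag

    def verify(self, token: str, now: float) -> bool:
        """Database-side check: MAC is valid and the embedded expiry has not passed."""
        try:
            grant_id, requester, database, expires_at, tag = token.split("|")
        except ValueError:
            return False
        msg = f"{grant_id}|{requester}|{database}|{expires_at}".encode()
        expected = hmac.new(self.signing_key, msg, hashlib.sha256).hexdigest()
        return hmac.compare_digest(tag, expected) and now < int(expires_at)


def demo() -> dict:
    """Walk one request through approval, use, tampering and expiry; returns the outcomes."""
    b = Broker(signing_key=secrets.token_bytes(32))
    t0 = 1_700_000_000.0  # constructed clock
    gid = b.request("bob@example.com", "orders-replica", "ticket-123 migration check", ttl=3600, now=t0)
    before_approval = b.credential(gid, now=t0)          # no approver yet -> denied
    b.approve(gid, "alice@example.com", now=t0)
    token = b.credential(gid, now=t0 + 60)
    return {
        "before_approval": before_approval,
        "valid_now": b.verify(token, now=t0 + 120),
        "valid_after_expiry": b.verify(token, now=t0 + 3601),
        "tampered": b.verify(token.replace("orders-replica", "orders-primary"), now=t0 + 120),
        "audit_events": [e["event"] for e in b.audit_log],
    }


if __name__ == "__main__":
    print(demo())
```

The point of the shape, rather than the toy crypto, is that none of the four requirements is optional: the identity is taken from SSO rather than a shared password, approval is a separate step by a different person, the credential cannot outlive the grant, and the log records denials as well as successes, which is what an auditor will ask for.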