Getting started
Getting started with CipherStash Proxy
CipherStash Proxy mediates access to your PostgreSQL database and analyzes your SQL in real-time to Audit, Identify and Encrypt. This tutorial walks you through how to get started with CipherStash Proxy. You will:
- Install the prerequisites
- Configure CipherStash Proxy
- Deploy CipherStash Proxy as a Docker container
At the end of this guide, you'll have the building blocks that enable the other CipherStash products to start protecting your data.
Installing prerequisites
To run CipherStash Proxy, you'll need to have Docker and an instance of PostgreSQL installed.
Docker
PostgreSQL
Installing CipherStash Proxy
CipherStash Proxy is a Docker container that acts as a proxy between any application and your PostgreSQL database. It's built on top of the popular pgcat connection pooler.
Step 1: Configure CipherStash Proxy
Create a cipherstash-proxy.toml
file in the directory where you'll run CipherStash Proxy. Add the following configuration to the file, replacing the placeholders with your credentials for your PostgreSQL database.
1[database]
2username = "username"
3password = "password"
4name = "database_name"
5host = "localhost"
6port = 5432
You can see all the configuration options for CipherStash Proxy in the CipherStash Proxy documentation.
Step 2: Run CipherStash Proxy
Run CipherStash Proxy as a Docker container by running the following command in the directory where you created the cipherstash-proxy.toml
file.
1docker run -v $(pwd)/cipherstash-proxy.toml:/etc/cipherstash-proxy/cipherstash-proxy.toml -p 6432:6432 cipherstash/cipherstash-proxy:latest
This will start CipherStash Proxy and expose it on port 6432. You can now connect to your PostgreSQL database using CipherStash Proxy.
1psql -h localhost -p 6432 -U username -d database_name
Step 3: View data access events
CipherStash Proxy will start collecting data access events and emit them to stdout by default. You can start collecting these events locally by leveraging your favorite log aggregation tool.
If you want to send these events to CipherStash for analysis, you can configure the cipherstash-proxy.toml
file to enable the Audit product.
Next steps
Congratulations! You've successfully set up CipherStash Proxy. CipherStash Proxy is a vessel for using the Audit, Identify, and Encrypt products. You can now get started with the other CipherStash products to start protecting your data:
- Getting started with CipherStash Audit
- Getting started with CipherStash Encrypt
- Getting started with CipherStash Identify (coming soon!)