Well, this is probably a stupid question, but after surfing the web for the last week... this is my last shot.

Questions:

  • Is it possible to create an API to call a SQL database to retrieve records? In a secure way?
  • What apps/tools/methods can I use? Hopefully... VS, Python, PowerShell, etc.
  • Can I encrypt that call, and create a method to decipher the data?
  • I'm not the app owner; what questions should I ask the app developer?

FYI Currently I cannot use cloud vendors or third party tools to do the transformation :(. But if there is a strong tool/vendor maybe I can negotiate it.

I have consulted:

Any ideas?

Tana
  • We secure our databases by running them on separate servers placed in a private network that is not accessible to anything except our application servers and web servers. The rest of the internet can't connect to them at all. We do this using Amazon's "virtual private cloud" features. We also limit access to the application and web servers with most ports only accessible by whitelisted IP address or VPN, except for ports 80 and 443 for the web servers. Actually not quite even them since the web servers are behind a Web Application Firewall. – Dave S Sep 24 '19 at 04:08
  • If you really can't use AWS, you might be able to do something sort of similar with intelligent routers and/or firewall software that block traffic to the database server(s) except from the application / web server. Also run firewall software on the database server to close all ports except the ones for SQL. – Dave S Sep 24 '19 at 04:14
  • We have already set up a secure perimeter in our server farms: VPN, previously selected ports, firewall rules, xp_cmdshell deactivated, certificates, server authentication, etc. Also, the external app where the call is going to be made has been previously whitelisted... Besides that, I don't know what else I should configure to make that call secure... But first, I would like to know if it is possible to make an API call to a SQL DB... and how to do it... – Tana Sep 24 '19 at 04:33

1 Answer

Try rolling out Redash with the Bitnami stack. It's free, as in speech.

Bitnami will take care of setting up HTTPS etc. if you do it on AWS. You need a t2-small, I think. There are how-tos for Let's Encrypt etc. also.

You can dish out links to "widgets" with an embedded API key. The widgets can be JSON or CSV. They will only provide access to predefined data queries, but you can get that data from anywhere, not just your SQL server.

The Forge
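The pattern the answer describes, an API key that unlocks only predefined queries, sketched as an added example; it is not code from the original post and not Redash's implementation. The query name, the key, the table and the `handle` function are hypothetical, and an in-memory SQLite database stands in for the real SQL server; in production the handler would sit behind HTTPS.

```python
import hashlib
import hmac
import json
import sqlite3

# Constructed sample data; in-memory SQLite stands in for the real SQL server.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER, customer TEXT, total REAL)")
    db.executemany("INSERT INTO orders VALUES (?, ?, ?)",
                   [(1, "acme", 120.0), (2, "acme", 80.5), (3, "globex", 42.0)])
    return db

# Hypothetical allowlist: callers pick a query by name and never send SQL text.
QUERIES = {
    "orders_by_customer": (
        "SELECT id, total FROM orders WHERE customer = ? ORDER BY id", ["customer"]),
}

# Only a hash of each API key is stored, mapped to the queries that key may run.
def key_hash(key):
    return hashlib.sha256(key.encode()).hexdigest()

API_KEYS = {key_hash("constructed-demo-key"): {"orders_by_customer"}}

def allowed_queries(api_key):
    """Return the query names this key may run (empty set if the key is unknown)."""
    presented = key_hash(api_key or "")
    granted = set()
    for stored, names in API_KEYS.items():
        # Constant-time comparison avoids leaking key material through timing.
        if hmac.compare_digest(stored, presented):
            granted = names
    return granted

def handle(db, api_key, query_name, params):
    """Return (status, json_body) the way an HTTPS endpoint handler would."""
    if query_name not in allowed_queries(api_key):
        return 403, json.dumps({"error": "forbidden"})
    sql, expected = QUERIES[query_name]
    if sorted(params) != sorted(expected):
        return 400, json.dumps({"error": "bad parameters"})
    # Values are bound as parameters, so they are never parsed as SQL.
    cur = db.execute(sql, [params[name] for name in expected])
    cols = [c[0] for c in cur.description]
    return 200, json.dumps([dict(zip(cols, row)) for row in cur.fetchall()])

if __name__ == "__main__":
    print(handle(make_db(), "constructed-demo-key", "orders_by_customer", {"customer": "acme"}))
```

The database account behind such an endpoint should itself be read-only and limited to the tables the predefined queries touch, so a mistake in the allowlist cannot become write access.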