Hey everyone! I'm currently using AWS with an RDS MySQL server and an EC2 instance to run my applications in Laravel. I'm looking to expose my Laravel models to AI so that users can generate various reports by asking for things like their spending information. The catch is, I want to ensure that I don't accidentally run harmful queries that could delete data or gather incorrect customer info. Do any of you have tips or recommendations for safely implementing this? I was considering setting up a read-only RDS instance, but I'm not sure if that's the best approach.
4 Answers
Creating a new database with limited access to only the tables you want available could also be a solid approach. It simplifies the permissions and adds an extra layer of protection against running the wrong queries by mistake.
You might want to check out the Strands SDK. It could provide the AI capabilities you need to handle all the queries more safely for you.
You can definitely set up a separate user with read-only access to prevent any unwanted changes to the database. Just keep in mind that while this helps, it won’t stop someone from running complex queries that might slow things down. If that’s a concern, using a read replica would be a good idea.
Whether you go with a read replica or just provide read-only credentials to the main database really depends on your needs. Whichever way sounds like a pretty straightforward solution!
Thanks, this looks interesting!