Q: What is a DB Subnet Group and why do I need one?

A DB Subnet Group is a collection of subnets that you may want to designate for your RDS DB Instances in a VPC. Each DB Subnet Group should have at least one subnet for every Availability Zone in a given Region. When creating a DB Instance in VPC, you will need to select a DB Subnet Group. Amazon RDS then uses that DB Subnet Group and your preferred Availability Zone to select a subnet and an IP address within that subnet. Amazon RDS creates and associates an Elastic Network Interface to your DB Instance with that IP address.

Please note that, we strongly recommend you use the DNS Name to connect to your DB Instance as the underlying IP address can change (e.g., during a failover).

For Multi-AZ deployments, defining a subnet for all Availability Zones in a Region will allow Amazon RDS to create a new standby in another Availability Zone should the need arise. You need to do this even for Single-AZ deployments, just in case you want to convert them to Multi-AZ deployments at some point.

ngrep pas glop quand https, du coup :

sudo apt install mitmproxy

mitmdump -v -d

Dans l'application, configurer la lib (curl ou autre..) pour utiliser un proxy http/https sur 127.0.0.1:8080 (mitmdump écoute sur ce port)
ou bien plus violent :
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080

Dans tous les cas, la lib va raler car certif pas ok : utiliser insecure si possible dans l'app ou bien generer certif et le trust au niveau de l'os

à partir de là on peut voir les call/response avec mitmdump

C-A
:swap-window -t 0