This is how we're planning to encrypt our RDS Postgres DBs, but with PG's built-in logical replication.
I tried it with DMS and it was so cumbersome. We would've needed to make a lot of schema changes to get DMS to function. Specifically DMS can't replicate a number of character column-types because they were considered CLOB.
+1 DMS is very half baked. Silent, unbuggable errors. Tons of unsupported LOB and CLOB data types. Built-in Postgres logical replication is way easier.
yeah I also don't want any third party getting ahold of my transaction data. My solution was to have my banks send alert emails to me for any transaction. Then the alert emails are forwarded to a Dockerized email server I set up. The transaction data is automatically parsed out of the emails and loaded into a database. The only cost for me is the server.
Honestly the email server could be gotten rid of if someone was willing to directly access their gmail email account via IMAP, or whoever you use for email. I thought it would be a fun challenge to make an email server x_x
My goal is to make it so people like you could write some regex for their bank alert email parsing, spin this up, and be off to the races with no third party interference.