PowerSync always enforces TLS on connections to the database, and certificate validation cannot be disabled.
For enhanced security, you can restrict database access to PowerSync Cloud’s IP addresses. Below are the IP ranges for each region:
Do not rely on IP filtering as a primary form of security. Always use strong database passwords, and use client certificates if additional security is required.
See Private Endpoints for using a private network to your database using AWS PrivateLink (AWS only).