Ensure IAM authentication is enabled in RDS.
Ensure the user that will connect to RDS has these permissions.
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"rds-db:connect"
],
"Resource":[
"arn:aws:rds-db:<region>:<account-id>:dbuser:<DBInstanceResourceID>/<DatabaseUser>"
]
}
]
}
Log in using the master user and create a DB user with the rds_iam role.
CREATE USER db_user;
GRANT rds_iam TO db_user;
Generate a password valid for 15min.
aws rds generate-db-auth-token \
--hostname <dn-hostname> \
--port 5432 \
--username db_user
Top comments (0)