IAM Auth

Create the IAM Database User

MySQL or MariaDB

CREATE USER teleskope IDENTIFIED WITH AWSAuthenticationPlugin AS 'RDS';

Postgres

CREATE USER teleskope; 
GRANT rds_iam TO teleskope;

Grant DB User Permissions

MySQL or MariaDB

GRANT SHOW DATABASES, SELECT ON *.* TO teleskope

Postgres versions 14+

GRANT pg_read_all_data TO teleskope

Postgres versions < 14

SELECT format('GRANT CONNECT ON DATABASE %I TO teleskope;', datname) FROM pg_database \gexec
SELECT format('GRANT USAGE ON SCHEMA %I TO teleskope;', nspname) FROM pg_namespace \gexec
SELECT format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO teleskope;', nspname) FROM pg_namespace \gexec

MySQL or MariaDB

GRANT UPDATE, DELETE on *.* TO teleskope

Postgres versions 14+

GRANT pg_write_all_data TO teleskope

Postgres versions < 14

SELECT format('GRANT UPDATE, DELETE ON ALL TABLES IN SCHEMA %I TO teleskope;', nspname) FROM pg_namespace \gexec

Enable IAM Auth

Enable IAM Auth for the RDS Cluster.
Provide the Teleskope IAM role in the AWS account with the following permission for your database:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "rds-db:connect"
      ],
      "Resource": [
        "arn:aws:rds-db:{REGION}:{ACCOUNT_ID}:dbuser:{DB_RESOURCE_ID}/{DB_USER}"
      ]
    }
  ]
}

Submit the Username in the Teleskope interface

PreviousRDS NextUsername and Password

Last updated 9 minutes ago

Was this helpful?