Creating an IAM database username

To create an IAM username:

Enable IAM DB authentication on the RDS DB instance.
Create the Database user, using the master login (rds_iam)
- For MySQL create the username using master login (rds_iam):
  - mysql --protocol=tcp --host=instance_fqdn --user=admin -p --port=3306
  - CREATE USER iamuser IDENTIFIED WITH AWSAuthenticationPlugin as 'RDS';
  - GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, LOCK TABLES, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON *.* '<db_user>'@'%';
- For PostgreSQL, create the user on the server.
  - psql -h instance_fqdn -U postgres
  - CREATE USER iamuser WITH LOGIN;
  - GRANT rds_iam TO iamuser;
  - ALTER ROLE iamuser WITH LOGIN CREATEDB;
  - GRANT rds_superuser TO iamuser;
Attach the RDS policy to the IAM role attached to the NetBackup media server.

For more details, see AWS permissions required by NetBackup Snapshot Manager section in the latest version of the NetBackup Snapshot Manager Install and Upgrade Guide.

Creating an IAM database username

Feedback

Feedback