Versions Compared

Old Version 3

changes.mady.by.user Nicolas Rios

Saved on

compared with

New Version Current

changes.mady.by.user Nicolas Rios

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

AWS IAM Policy can be used to create permissions that specify which RDS actions a user, or a group of users in your AWS account can perform. IAM Policy is basically a JSON document that consists of one or more statements which defines the action to be taken on AWS resources. It can be used to determine who is allowed to create, delete, or modify RDS instances.

SQL DM for MySQL needs the following permissions to fetch the log files:

...

For fetching the OS metrics, the following permission is needed:

...

You can restrict the Resource for the above policy using this linkthis 

Newtab2
aliaslink
urlhttp://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Resource
. In case, you want to perform either OS monitoring, or file-based log monitoring for your RDS/Aurora instance then you can include only those actions in the above policy.

You can use the default policy CloudWatchReadOnlyAccess provided by AWS for OS monitoring, in case you don't do not want to create a custom policy. Keep in mind that this policy grants more permissions than SQL DM for MySQL requires to fetch your RDS/Aurora metrics.



Scroll pdf ignore
Newtabfooter
IDERA Website | Products | Buy | Support | Community | About Us | Resources | Legal
aliasIDERA
urlhttp://www.idera.com
Newtabfooter
aliasProducts
urlhttps://www.idera.com/productssolutions/sqlserver
Newtabfooter
aliasPurchase
urlhttps://www.idera.com/buynow/onlinestore
|
Newtabfooter
aliasSupport
urlhttps://idera.secure.force.com/
|
Newtabfooter
aliasCommunity
urlhttp://community.idera.com
|
Newtabfooter
aliasResources
urlhttp://www.idera.com/resourcecentral
|
Newtabfooter
aliasAbout Us
urlhttp://www.idera.com/about/aboutus
|
Newtabfooter
aliasLegal
urlhttps://www.idera.com/legal/termsofuse