To monitor an Amazon RDS instance using SQL Diagnostic Manager, you have to create a SQL Server user on the instance with the following minimum permissions:
Server Roles:
public, processadmin, setupadmin
Databases:
public on TempDB
sysadmin server role equivalent privileges for monitored databases
Securables:
Server Object:
Administer bulk operations
Alter any connection
Alter any linked server
Alter any login
Alter any server role
Alter server state
Alter trace
Connect SQL
Create any database
Create server role
View any database
View any definition
View server state