To monitor an Amazon RDS instance using SQL Diagnostic Manager, create an SQL Server user on the instance with the following minimum permissions.
Complete this task by following the steps below:
- Right-click the created user from the Logins node located in the Security node of the server in SSMS.
- Select Properties and configure the following tabs in the Login Properties Wizard as suggested.
Server Roles
Grant the following server-wide security privileges to the user.
- public
- processadmin
- setupadmin
User Mapping
Select the following databases, review them, and assign them the mentioned role membership as suggested.
- public role membership to the tempdb database
- bd_datareader role membership to the msdb database
- sysadmin role membership to all monitored databases
Securables
Verify that the following permissions are granted to your server.
- Alter any connection
- Alter any linked server
- Alter any login
- Alter any server role
- Alter server state
- Alter trace
- Connect SQL
- Create any database
- Create server role
- View any database
- View any definition
- View server state