search
HomePlatformPricing
githubEdit

IAM authentication

Using IAM for secure log-ins to RDS databases

Authenticate to MySQL, PostgreSQL, Aurora MySQL, Aurora PostgreSQL, and MariaDB RDS instances using AWS Identity and Access Management (IAM) database authenticationarrow-up-right.

Using IAM for authenticating an RDS instance offers the following benefits:

  • Network traffic to and from the database is encrypted using Secure Socket Layer (SSL) or Transport Layer Security (TLS).

  • Centrally manage access to your database resources, instead of managing access individually for each DB instance.

  • For applications running on Amazon EC2 hosts, you can use profile credentials specific to your EC2 instance to access your database, instead of using a password, for greater security.

hashtag
Configuring RDS IAM Authentication in DuploCloud

Use the System Config tab to enable IAM authentication before enabling it for a specific RDS instance.

  1. In the DuploCloud Portal, navigate to Administrator -> System Settings.

  2. Click the System Config tab. The Add Config pane displays.

  3. From the Config Type list box, set Flags.

  4. From the Key list box, select Enable RDS IAM auth.

  5. From the Value list box, select True.

  6. Click Submit. The configuration is displayed in the System Config tab.

Add Config pane with the Enable RDS IAM auth Key
System Config tab with EnableRdsIamAuth Key with Value of true

hashtag
Enabling IAM for an RDS instance

You can also enable IAM for any MySQL, PostgreSQL, and MariaDB instance during RDS creation or by updating the RDS Settings after RDS creation.

hashtag
Enabling IAM when creating an RDS

Select the Enable IAM auth option when you create an RDS database.

Create a RDS page with Enable IAM Auth option highlighted

hashtag
Enabling IAM after RDS creation

  1. In the DuploCloud Portal, navigate to Cloud Services -> Database.

  2. In the RDS tab, select the database for which you want to enable IAM.

  3. Click the Actions menu and select RDS Settings -> Update IAM Auth. The Update IAM Auth pane displays.

    Actions menu in RDS tab with RDS Settings

    Update IAM Auth pane

  4. Select Enable IAM Auth.

  5. Click Update.

hashtag
Getting an Authentication Token

To download a token which you can use for IAM authentication:

  1. In the DuploCloud Portal, navigate to Cloud Services -> Database.

  2. In the RDS tab, select the database for which you want to enable IAM.

  3. Click the Actions menu and select View -> Get DB Auth Token. The RDS Credentials window displays.

    Actions menu in RDS tab with View -> Get DB Auto Token option

  4. In the RDS Credentials window, click the Copy Icon ( ) to copy the Endpoint, Username, and Password to your clipboard.

  5. Click Close to dismiss the window.

PreviousAurora Global DatabaseNextBackup and restore

Last updated

Was this helpful?