Amazon Relational Database Service
User Guide (API Version 2014-10-31)

Creating an IAM Role to Allow Amazon Aurora to Access AWS Services

After creating an IAM policy to allow Aurora to access AWS resources, you must create an IAM role and attach the IAM policy to the new IAM role.

To create an IAM role to permit your Amazon RDS cluster to communicate with other AWS services on your behalf, take the following steps.

To create an IAM role to allow Amazon RDS to access AWS services

  1. Open the IAM Console.

  2. In the navigation pane, choose Roles.

  3. Choose Create New Role.

  4. For Role Name, type a name for your role, for example RDSLoadFromS3. Choose Next Step.

  5. Choose AWS Service Roles, and then scroll to Amazon RDS. Choose Select.

  6. Choose Next Step

  7. Review the information, and then choose Create Role.

  8. In the list of IAM roles, select your newly created role. Choose the Permissions tab, and then choose Attach Policy.

  9. Select the policy that you defined earlier in either Creating an IAM Policy to Access Amazon S3 Resources, Creating an IAM Policy to Access AWS Lambda Resources, or Allowing Amazon Aurora to Access Amazon CloudWatch Logs Resources.

  10. Choose Attach Policy.