AddRoleToDBCluster - Amazon Relational Database Service


Associates an Identity and Access Management (IAM) role from an Amazon Aurora DB cluster. For more information, see Authorizing Amazon Aurora MySQL to Access Other AWS Services on Your Behalf in the Amazon Aurora User Guide.


This action only applies to Aurora DB clusters.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.


The name of the DB cluster to associate the IAM role with.

Type: String

Required: Yes


The name of the feature for the DB cluster that the IAM role is to be associated with. For the list of supported feature names, see DBEngineVersion .

Type: String

Required: No


The Amazon Resource Name (ARN) of the IAM role to associate with the Aurora DB cluster, for example, arn:aws:iam::123456789012:role/AuroraAccessRole.

Type: String

Required: Yes


For information about the errors that are common to all actions, see Common Errors.


DBClusterIdentifier doesn't refer to an existing DB cluster.

HTTP Status Code: 404


The specified IAM role Amazon Resource Name (ARN) is already associated with the specified DB cluster.

HTTP Status Code: 400


You have exceeded the maximum number of IAM roles that can be associated with the specified DB cluster.

HTTP Status Code: 400


The requested operation can't be performed while the cluster is in this state.

HTTP Status Code: 400



This example illustrates one usage of AddRoleToDBCluster.

Sample Request ?Action=AddRoleToDBCluster &DBClusterIdentifier=sample-cluster &RoleArn=arn%3Aaws%3Aiam%3A%3A123456789012%3Arole%2Fsample-role &SignatureMethod=HmacSHA256 &SignatureVersion=4 &Version=2014-10-31 &X-Amz-Algorithm=AWS4-HMAC-SHA256 &X-Amz-Credential=AKIADQKE4SARGYLE/20161012/us-east-1/rds/aws4_request &X-Amz-Date=20161012T204524Z &X-Amz-SignedHeaders=content-type;host;user-agent;x-amz-content-sha256;x-amz-date &X-Amz-Signature=d73c069210f98e5377851fa4c4ab2fdd53e8bd5d5f02f4f8ef15d4daa5b04567

Sample Response

<AddRoleToDBClusterResponse xmlns=""> <ResponseMetadata> <RequestId>ccccbdb6-90bc-11e6-8533-cd6447e421f8</RequestId> </ResponseMetadata> </AddRoleToDBClusterResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: