Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Adding a new database user when using RDS Proxy - Amazon Aurora

Adding a new database user when using RDS Proxy

In some cases, you might add a new database user to an Aurora cluster that's associated with a proxy. If so, add or repurpose a Secrets Manager secret to store the credentials for that user. To do this, run through the following steps:

  1. Create a new Secrets Manager secret, using the procedure described in Setting up database credentials in AWS Secrets Manager for RDS Proxy.

  2. Update the IAM role to give RDS Proxy access to the new Secrets Manager secret. To do so, update the resources section of the IAM role policy.

  3. Modify the RDS Proxy to add the new Secrets Manager secret under Secrets Manager secrets.

  4. If the new user takes the place of an existing one, update the credentials stored in the proxy's Secrets Manager secret for the existing user.

Adding a new database user to a PostgreSQL database when using RDS Proxy

When adding a new user to your PostgreSQL database, if you have run the following command:

REVOKE CONNECT ON DATABASE postgres FROM PUBLIC;

Grant the rdsproxyadmin user the CONNECT privilege so the user can monitor connections on the target database.

GRANT CONNECT ON DATABASE postgres TO rdsproxyadmin;

You can also allow other target database users to perform health checks by changing rdsproxyadmin to the database user in the command above.

Changing the password for a database user when using RDS Proxy

In some cases, you might change the password for a database user in an Aurora cluster that's associated with a proxy. If so, update the corresponding Secrets Manager secret with the new password.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.