Creating an IAM role to allow Amazon Aurora to access AWS services
After creating an IAM policy to allow Aurora to access AWS resources, you must create an IAM role and attach the IAM policy to the new IAM role.
To create an IAM role to permit your Amazon RDS cluster to communicate with other AWS services on your behalf, take the following steps.
To create an IAM role to allow Amazon RDS to access AWS services
- Open the IAM console.
- In the navigation pane, choose Roles.
- Choose Create role.
- Under AWS service, choose RDS.
- Under Select your use case, choose RDS – Add Role to Database.
- Choose Next.
- On the Permissions policies page, enter the name of your policy in the Search field.
- When it appears in the list, select the policy that you defined earlier using the instructions in one of the following sections:
- Choose Next.
- In Role name, enter a name for your IAM role, for example RDSLoadFromS3. You can also add an optional Description value.
- Choose Create Role.
Complete the steps in Associating an IAM role with an Amazon Aurora MySQL DB cluster.
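The following is an added example, not part of the original AWS page: a check to run on the new role's trust policy to confirm that only the RDS service (`rds.amazonaws.com`) can assume it. The policy documents and the account ID are constructed samples, and the `aws:SourceAccount`/`aws:SourceArn` check follows AWS's general confused-deputy guidance, an assumption that goes beyond the steps above.

```python
RDS_PRINCIPAL = "rds.amazonaws.com"

def as_list(value):
    """IAM accepts a single string or a list; normalize to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_rds_trust_policy(policy):
    """Return findings for a role trust policy; an empty list means clean."""
    findings, allows_rds = [], False
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):  # e.g. "Principal": "*"
            findings.append(f"statement {i}: wildcard or malformed principal {principal!r}")
            continue
        for kind, values in principal.items():
            for value in as_list(values):
                if kind == "Service" and value == RDS_PRINCIPAL:
                    allows_rds = True
                else:
                    findings.append(f"statement {i}: unexpected principal {kind}={value}")
        if as_list(stmt.get("Action")) != ["sts:AssumeRole"]:
            findings.append(f"statement {i}: unexpected actions {as_list(stmt.get('Action'))}")
        # Condition maps operator -> {key: value}; collect the keys, case-insensitively.
        keys = {k.lower() for op in stmt.get("Condition", {}).values() for k in op}
        if not keys & {"aws:sourceaccount", "aws:sourcearn"}:
            findings.append(f"statement {i}: no aws:SourceAccount/aws:SourceArn condition")
    if not allows_rds:
        findings.append(f"{RDS_PRINCIPAL} is not a trusted principal")
    return findings

# Constructed samples. BASIC trusts only RDS; SCOPED adds an account condition
# (111122223333 is a placeholder account ID); TOO_BROAD trusts extra principals.
def _policy(principal, condition=None):
    stmt = {"Effect": "Allow", "Principal": principal, "Action": "sts:AssumeRole"}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

BASIC = _policy({"Service": RDS_PRINCIPAL})
SCOPED = _policy({"Service": RDS_PRINCIPAL},
                 {"StringEquals": {"aws:SourceAccount": "111122223333"}})
TOO_BROAD = _policy({"Service": [RDS_PRINCIPAL, "ec2.amazonaws.com"], "AWS": "*"})

if __name__ == "__main__":
    for name, doc in [("BASIC", BASIC), ("SCOPED", SCOPED), ("TOO_BROAD", TOO_BROAD)]:
        print(name, audit_rds_trust_policy(doc) or "ok")
```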