Simplify database authentication management with the Amazon Aurora PostgreSQL pg_ad_mapping extension
Database Blog
This article discusses the new `pg_ad_mapping` extension for Amazon Aurora PostgreSQL, which simplifies database authentication management using Active Directory (AD) security groups.
- Previously, Aurora PostgreSQL required manual provisioning of each AD user to the database
- The new extension allows mapping AD security groups directly to database roles
- Supports Kerberos authentication with AWS Managed Microsoft AD
- Enables automatic role assignment based on AD group memberships
- Provides weight-based role precedence when a user belongs to multiple groups
Key features include:
- Simplified access management through AD security groups
- Automatic role assignment based on group membership
- Support for dynamic group changes without manual database updates
- Enhanced security and centralized authentication
The extension is available in Amazon Aurora PostgreSQL versions 14.10 and 15.5 and provides a more efficient way to manage database access controls.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Mar 25
2026
2026
Amazon Aurora PostgreSQL now supports creating and connecting to a database in seconds
May 8
2024
2024
Use Kerberos authentication with Amazon Aurora MySQL
Aug 15
2025
2025
Securing Amazon Aurora DSQL: Access control best practices
May 12
2026
2026
Migrating Amazon RDS for PostgreSQL to Amazon Aurora using seeded logical replication
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.