Set up and troubleshoot IAM database authentication in AWS DMS
Database Blog
This article provides a comprehensive guide to configuring and troubleshooting IAM database authentication in AWS Database Migration Service (AWS DMS).
- IAM DB authentication uses temporary tokens instead of static passwords for RDS access
- Requires AWS DMS replication instance version 3.6.1 or later
- Supported for RDS MySQL, MariaDB, and PostgreSQL databases
- CDC not supported for PostgreSQL with IAM authentication
- Requires 300-1000 MiB extra memory on database instance
- Configure IAM database user, create IAM policy with rds-db:connect permission
- Create IAM role for DMS service and attach policy
- Import SSL/TLS certificates and enable IAM authentication on DMS endpoint
- Troubleshooting focuses on network connectivity and IAM permission validation
- Common errors include missing rds_iam grant and access denied messages
The guide offers step-by-step configuration instructions and structured troubleshooting approaches for resolving IAM authentication issues with AWS DMS endpoints.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Oct 17
2024
2024
Use IAM authentication with Amazon DocumentDB (with MongoDB compatibility)
Jun 25
2024
2024
Amazon DocumentDB announces IAM database authentication
Sep 20
2024
2024
Connect to an Amazon RDS or Amazon Aurora instance using a federated user with AWS IAM Identity Center and IAM database authentication
Nov 13
2025
2025
Securely accessing external accounts with AWS IAM Identity Center
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.