Category: AWS Identity and Access Management (IAM)

HAQM DocumentDB now supports authentication of database users using IAM – users and applications can authenticate to HAQM DocumentDB clusters using IAM users and roles. In this post, we discuss this new feature and provide you resources on how to enable IAM authentication in your HAQM DocumentDB cluster.

This post is a follow-up to Use HAQM RDS Proxy to provide access to RDS databases across AWS accounts, addressing cross-account connectivity when using RDS Proxy. We discuss how you can achieve cross-account connectivity while taking advantage of the simplicity and benefits of IAM authentication.

Company policies usually do not allow database instances to have a public endpoint unless there is a specific business requirement. Although that protects those resources from public access over the internet, it also limits how users can connect to them from their computers. Frequently, database administrators and development teams try to overcome that restriction by […]

HAQM ElastiCache for Redis is a fully managed, Redis-compatible, in-memory caching service that provides microsecond speed to support real-time applications. ElastiCache for Redis combines the speed, simplicity, and versatility of open-source Redis with the reliability, scalability, manageability, and security from AWS to power the most demanding real-time applications in media and entertainment, financial services, ecommerce, AdTech, […]

Many software as a service (SaaS) customers on AWS are familiar with multi-tenancy and tenant isolation. Indeed, customers using MySQL, for instance, may have adopted the bridge model of multi-tenancy, where each tenant has access to their own isolated database or schema. AWS provides many tools and best practices to get started, but achieving database […]

October 2022: This post was reviewed and updated with a new architecture diagram and code updates to factor the change from CDK 1.x to CDK 2.x. HAQM ElastiCache for Redis is an AWS managed, Redis-compliant service that provides a high-performance, scalable, and distributed key-value data store that you can use as a database, cache, message […]

This blog post was last reviewed and updated July, 2024. HAQM Relational Database Service (RDS) enables you to use AWS Identity and Access Management (IAM) to manage database access for HAQM RDS for PostgreSQL database instances and HAQM Aurora PostgreSQL clusters. Database administrators can associate database users with IAM users and roles. With IAM database authentication, you don’t need to use a […]

AWS provides two managed PostgreSQL options: HAQM RDS for PostgreSQL and HAQM Aurora PostgreSQL. Both support IAM authentication for managing access to your database. You can associate database users with IAM users and roles to manage user access to all databases from a single location, which avoids issues caused by permissions being out of sync […]

January 2024: This post was reviewed and updated for accuracy. Storing user names and passwords directly in applications is not a best practice. Saving credentials as plaintext should never occur in a secure application. As a solution, AWS Identity and Access Management (IAM) policies can assign permissions that determine who is allowed to manage HAQM […]

A common request that we get from customers is how to protect their resources from an accidental or malicious deletion, such as instances, snapshots, clusters, and so on. Doing this is especially important when you are using a common AWS account for multiple users or teams. Although you want the flexibility to innovate within the […]