AWS RDS (IAM)

aws database

Amazon Relational Database Service (RDS) simplifies setup, operation, and scaling of relational databases in the cloud.

Common permissions

rds:CreateDBInstancerds:DeleteDBInstancerds:DescribeDBInstancesrds:StartDBInstancerds:StopDBInstancerds:CreateDBSnapshotrds:DeleteDBSnapshotrds:DescribeDBSnapshots

Least-privilege example

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "rds:CreateDBInstance",
        "rds:DeleteDBInstance",
        "rds:DescribeDBInstances",
        "rds:StartDBInstance",
        "rds:StopDBInstance",
        "rds:CreateDBSnapshot",
        "rds:DeleteDBSnapshot",
        "rds:DescribeDBSnapshots"
      ],
      "Resource": "*"
    }
  ]
}

Warnings

Avoid rds:* — grants full control including deletion of instances and snapshots.
Avoid rds:CreateDBInstance without resource constraints — can lead to high costs.

Resources

AWS referenceservicereference.us-east-1.amazonaws.com/v1/rds/rds.json ↗

API

full doc /v1/iam/rds