[Solved] Error creating RDS DB Instance: IAM role ARN value is not value or does not include the required permissions for: ENHANCED_MONITORING

0 min read 82 words

When you are trying to create an RDS database and you get the dreaded error message:

IAM role ARN value is invalid or does not include the required permissions for: ENHANCED_MONITORING

Then you need to make sure that you are assuming the correct service principle:

monitoring.rds.amazonaws.com

Your code should look something like this:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "Service": "cloudwatch.amazonaws.com"
      }
    },
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "Service": "monitoring.rds.amazonaws.com"
      }
    }
  ]
}
Tags:
Andrew
Andrew

Andrew is a visionary software engineer and DevOps expert with a proven track record of delivering cutting-edge solutions that drive innovation at Ataiva.com. As a leader on numerous high-profile projects, Andrew brings his exceptional technical expertise and collaborative leadership skills to the table, fostering a culture of agility and excellence within the team. With a passion for architecting scalable systems, automating workflows, and empowering teams, Andrew is a sought-after authority in the field of software development and DevOps.

Tags