[Solved] Error Creating RDS DB Instance: IAM Role ARN Value Is Invalid or Does Not Include the Required Permissions For: ENHANCED_MONITORING


When you are trying to create an RDS database and you get the dreaded error message:

IAM role ARN value is invalid or does not include the required permissions for: ENHANCED_MONITORING

then you need to make sure that the role's trust policy allows the correct service principal to assume it:

monitoring.rds.amazonaws.com

The role's trust policy should look something like this:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "Service": "cloudwatch.amazonaws.com"
      }
    },
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "Service": "monitoring.rds.amazonaws.com"
      }
    }
  ]
}
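
An added example, not part of the original post: a Python check that a role's trust policy lets monitoring.rds.amazonaws.com call sts:AssumeRole, and that lists any other service principals the role trusts so they can be reviewed. The function names and the BROKEN sample are constructed for illustration.

```python
import fnmatch
import json

REQUIRED = "monitoring.rds.amazonaws.com"  # service principal named on this page

def _as_list(value):
    """IAM accepts a single string/object wherever a list is allowed."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _allows_assume_role(action):
    # Actions are case-insensitive and may use wildcards ("sts:*", "*").
    return fnmatch.fnmatchcase("sts:assumerole", action.lower())

def trusted_services(trust_policy_json):
    """Return the service principals an Allow statement lets call sts:AssumeRole."""
    policy = json.loads(trust_policy_json)
    services = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        if not any(_allows_assume_role(a) for a in _as_list(stmt.get("Action"))):
            continue
        principal = stmt.get("Principal")
        if isinstance(principal, dict):  # skip the bare "*" principal form
            services.update(_as_list(principal.get("Service")))
    return services

def check_enhanced_monitoring_trust(trust_policy_json):
    """Return (ok, extras): ok if REQUIRED is trusted; extras = other trusted services."""
    services = trusted_services(trust_policy_json)
    return REQUIRED in services, sorted(services - {REQUIRED})

# Constructed sample: a trust policy that lacks the required principal.
BROKEN = """{"Version": "2012-10-17", "Statement": {"Effect": "Allow",
  "Action": "sts:AssumeRole", "Principal": {"Service": "rds.amazonaws.com"}}}"""

# The trust policy shown on this page, compacted.
PAGE_POLICY = """{"Version": "2012-10-17", "Statement": [
  {"Action": "sts:AssumeRole", "Effect": "Allow",
   "Principal": {"Service": "cloudwatch.amazonaws.com"}},
  {"Action": "sts:AssumeRole", "Effect": "Allow",
   "Principal": {"Service": "monitoring.rds.amazonaws.com"}}]}"""

if __name__ == "__main__":
    for name, doc in (("broken", BROKEN), ("page policy", PAGE_POLICY)):
        ok, extras = check_enhanced_monitoring_trust(doc)
        print(f"{name}: trusts {REQUIRED}: {ok}; other trusted services: {extras}")
```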