Amazon RDS

Amazon RDS, Relational Database Service

Least Privileged User

Navigate to the AWS console and create an IAM user with programmatic access. The user will need the following permissions. You can create a policy specifically for these permissions and apply the permissions to the user.

For more information, see: High Level AWS Source Configuration

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "LpuPolicy",
      "Effect": "Allow",
      "Action": [
        "rds:ListTagsForResource",
        "rds:DescribeDBSnapshots",
        "rds:DescribeDBInstances",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:ListMetrics"
      ],
      "Resource": "*"
    }
  ]
}

Connection Parameters

NameRequired?Description
Region
Access Key IDRequired
Secret Access KeyRequired
Collect Tags
FilterUsed to filter DB Instances in combination with conditions.
ConditionsRequiredUsed with filter parameter to determine how to filter DB Instances.

Metrics

Cluster

NameDescription
Allocated Storage (Gibibytes)The Allocated Storage of the Cluster.
Backup Retention Period (Days)The Backup Retention Period of the Cluster.
Character Set NameThe Character Set Name of the Cluster.
Clone Group IDThe Clone Group ID of the Cluster.
Cluster Create TimeThe Cluster Create Time of the Cluster.
Cluster IdentifierThe Cluster Identifier of the Cluster.
Cluster Parameter GroupThe Cluster Parameter Group of the Cluster.
Earliest Restorable TimeThe Earliest Restorable Time of the Cluster.
EndpointThe Endpoint of the Cluster.
EngineThe Engine of the Cluster.
Engine VersionThe Engine Version of the Cluster.
IAM Database Authentication EnabledIndicates if the Cluster has IAM Database Authentication enabled.
KMS Key IDThe KMS Key ID of the Cluster.
Latest Restorable TimeThe Latest Restorable Time of the Cluster.
Master UsernameThe Master Username of the Cluster.
Multi AZIndicates if the Cluster has Multi Availability Zone enabled.
PortThe Port of the Cluster.
Preferred Backup WindowThe Preferred Backup Window of the Cluster.
Preferred Maintenance WindowThe Preferred Maintenance Window of the Cluster.
ProgressThe Percent Progress of the Cluster.
Reader EndpointThe Reader Endpoint of the Cluster.
RegionThe AWS Region this object belongs to.
Replication Source IdentifierThe Replication Source Identifier of the Cluster.
StatusThe Status of the Cluster.
Storage EncryptedIndicates if the Cluster has Storage Encrypted enabled.
Subnet Group NameThe Subnet Group Name of the Cluster.

Instance

NameDescription
Allocated Storage (Gibibytes)The Allocated Storage of the RDS Instance.
Auto Minor Version UpgradeIndicates if the RDS Instance will Automatically Upgrade Minor Version.
Availability ZoneThe Availability Zone of the RDS Instance.
Backup Retention Period (Days)The Backup Retention Period of the RDS Instance.
Binary Log Disk Usage (Bytes)The Binary Log Disk Usage of the RDS Instance.
CA Certificate IdentifierThe CA Certificate Identifier of the RDS Instance.
Character Set NameThe Character Set Name of the RDS Instance.
ClassThe Class of the RDS Instance.
Cluster IdentifierThe Cluster Identifier of the RDS Instance.
Copy Tags to SnapshotIndicates if the RDS Instance will Copy Tags to Snapshot.
CPU Credit BalanceThe CPU Credit Balance of the RDS Instance.
CPU Credit UsageThe CPU Credit Usage of the RDS Instance.
CPU Utilization (%)The CPU Utilization of the RDS Instance.
Database ConnectionsThe Database Connections of the RDS Instance.
DBI Resource IDThe DBI Resource ID of the RDS Instance.
Disk Queue DepthThe Disk Queue Depth of the RDS Instance.
Endpoint AddressThe Endpoint Address of the RDS Instance.
Endpoint Hosted Zone IDThe Endpoint Hosted Zone ID of the RDS Instance.
Endpoint PortThe Endpoint Port of the RDS Instance.
EngineThe Engine of the RDS Instance.
Engine VersionThe Engine Version of the RDS Instance.
Enhanced Monitoring Resource ARNThe Enhanced Monitoring Resource ARN of the RDS Instance.
Free Storage Space (Bytes)The Free Storage Space of the RDS Instance.
Freeable Memory (Bytes)The Freeable Memory of the RDS Instance.
IdentifierThe Identifier of the RDS Instance.
Instance Create TimeThe Instance Create Time of the RDS Instance.
KMS Key IDThe KMS Key ID of the RDS Instance.
Latest Restorable TimeThe Latest Restorable Time of the RDS Instance.
License ModelThe License Model of the RDS Instance.
Master UsernameThe Master Username of the RDS Instance.
Monitoring Interval (Seconds)The Monitoring Interval of the RDS Instance.
Monitoring Role ARNThe Monitoring Role ARN of the RDS Instance.
Multi AZIndicates if the RDS Instance has Multi Availability Zone enabled.
NameThe Name of the RDS Instance.
Network Receive Throughput (Bytes per Second)The Network Receive Throughput of the RDS Instance.
Network Transmit Throughput (Bytes per Second)The Network Transmit Throughput of the RDS Instance.
PortThe Port of the RDS Instance.
Preferred Backup WindowThe Preferred Backup Window of the RDS Instance.
Preferred Maintenance WindowThe Preferred Maintenance Window of the RDS Instance.
Provisioned IO Rate (per Second)The Provisioned IOPS of the RDS Instance.
Publicly AccessibleIndicates if the RDS Instance is Publicly Accessible.
Read IO Rate (per Second)The Read IOPS of the RDS Instance.
Read Latency (Seconds)The Read Latency of the RDS Instance.
Read Replica Source DB Instance IdentifierThe Read Replica Source DB Instance Identifier of the RDS Instance.
Read Throughput (Bytes per Second)The Read Throughput of the RDS Instance.
RegionThe AWS Region this object belongs to.
Secondary Availability ZoneThe Secondary Availability Zone of the RDS Instance.
StatusThe Status of the RDS Instance.
Storage EncryptedIndicates if the RDS Instance has Storage Encrypted enabled.
Storage TypeThe Storage Type of the RDS Instance.
Subnet Group DescriptionThe Subnet Group Description of the RDS Instance.
Subnet Group NameThe Subnet Group Name of the RDS Instance.
Subnet Group StatusThe Subnet Group Status of the RDS Instance.
Subnet Group VPC IDThe Subnet Group VPC ID of the RDS Instance.
Swap Usage (Bytes)The Swap Usage of the RDS Instance.
TDE Credential ARNThe TDE Credential ARN of the RDS Instance.
Transaction Logs Disk Usage (Bytes)The Transaction Logs Disk Usage of the RDS Instance.
Write IO Rate (per Second)The Write IOPS of the RDS Instance.
Write Latency (Seconds)The Write Latency of the RDS Instance.
Write Throughput (Bytes per Second)The Write Throughput of the RDS Instance.

Snapshot

NameDescription
Allocated Storage (Gibibytes)The Allocated Storage of the RDS Snapshot.
Availability ZoneThe Availability Zone of the RDS Snapshot.
DB Instance IdentifierThe DB Instance Identifier of the RDS Snapshot.
EncryptedIndicated if the RDS Snapshot is Encrypted.
Engine VersionThe Engine Version of the RDS Snapshot.
KMS Key IDThe KMS Key ID of the RDS Snapshot.
License ModelThe License Model of the RDS Snapshot.
Master UsernameThe Master Username of the RDS Snapshot.
Option Group NameThe Option Group Name of the RDS Snapshot.
PortThe Port of the RDS Snapshot.
ProgressThe Percent Progress of the RDS Snapshot.
Provisioned IO Rate (per Second)The Provisioned IOPS of the RDS Snapshot.
RegionThe AWS Region this object belongs to.
Snapshot Create TimeThe Create Time of the RDS Snapshot.
Snapshot IdentifierThe Snapshot Identifier of the RDS Snapshot.
Snapshot TypeThe Snapshot Type of the RDS Snapshot.
Source RegionThe Source Region of the RDS Snapshot.
StatusThe Status of the RDS Snapshot.
Storage TypeThe Storage Type of the RDS Snapshot.
TDE Credential ARNThe TDE Credential ARN of the RDS Snapshot.
VPC IDThe VPC ID of the RDS Snapshot.

Tag

NameDescription
Instance IDThe Instance ID of the Tag.
NameThe Name of the Tag.
ValueThe Value of the Tag.