How do I reset the admin user password for my Amazon RDS DB instance?

2 minute read
1

I want to reset the admin (master) user password for my Amazon Relational Database Service (Amazon RDS) DB instance.

Short description

You can change the admin user password for your DB instance using the Amazon RDS console.

For clustered systems, such as Amazon Aurora, reset the password for any RDS DB instance in the cluster with a Writer or Reader role. Then, choose Apply Immediately. The password change is asynchronous and applies as soon as possible. This means that the RDS DB instance doesn't require a restart.

Note: Existing connections aren't dropped. However, when you reconnect, you must provide the updated password.

Resolution

To modify the master user password of your DB instance, complete the following steps:

  1. Open the Amazon RDS console.
  2. Select Databases.
  3. Select the RDS DB instance, and then choose Modify.
    Note: For Aurora, expand the cluster, and choose the instance that you want to modify. Then, choose Modify.
  4. Enter the password that you want to use in the New Master Password field.
    Note: The password change is asynchronous and applies as soon as possible. This change ignores the Apply Immediately setting.
  5. Choose Continue, and then choose Modify DB Instance.

Note: In some cases, your RDS admin user might lose their privileges. If this happens, then reset the admin user password on the DB instance. This allows you to regain access and restore any revoked privileges. The password can be the same as a previously used password, or it can be a new password.

To use the AWS Command Line Interface (AWS CLI) to modify the password, run the modify-db-instance command. For an Aurora cluster, run the modify-db-cluster command.

You can also use the Amazon RDS API ModifyDBInstance to modify an RDS DB instance.

Note: If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

The Status field for your RDS DB instance on the RDS dashboard changes to resetting-master-credentials. When the modification is complete, the Status column changes to Available.

Related information

Using the Apply Immediately setting

Working with parameter groups

Resetting the db_owner role password

I forgot my root user password for my AWS account

6 Comments

What about if I forgot the name of the root user as well?

replied 2 years ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 2 years ago

Something to note is if you are managing secretes in Secret Manager, you will need to select the checkbox that states Rotate Secret Immediately.

paul
replied a year ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied a year ago

Hi AWS Offcial, I have an issue about change rds admin password. When I restored a database from different rds server use s3 bucket (rds_restore_database), everything is fine, but I didn't have privileges to connect the database has restored, so I modified the rds instance admin's password, and now I can connect in to the restored database, but when I need to restore the new database using origin restored database's bak, something wrong happened, the restore goes to 100 percent processed, and the task throw error: Cannot remap user to login 'admin', because the login is already mapped to a user in the database.  Changed database context to 'master'. So I checked my sys.database_principals table, there is a new 'admin1' users has been created. Is there any solution can suggest me ? Thanks.

replied 10 months ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 10 months ago