By using AWS re:Post, you agree to the Terms of Use
/Default users (i.e. rdsadmin, rdsrepladmin etc) created by RDS PostgreSQL and their roles and functionalities/

Default users (i.e. rdsadmin, rdsrepladmin etc) created by RDS PostgreSQL and their roles and functionalities

0

A customer is using RDS PostgreSQL to store their data for a regulated business. The customer is now being asked by the regulator

1) For AWS RDS db roles, are rdsadmin, rdsrepladmin, root DEFAULT roles created by AWS and what are the purposes of these roles?

2) Running \du in psql shows “Cannot login” in the Attributes column for those user rds_ad,rds_iam,rds_password,rds_replication,rds_superuser, what does it mean?

Highly appreciated if anyone could shed us some light how to answer these questions? Are we supposed to disclose these details with regulator/customer? Thanks a lot!

1 Answers
0
Accepted Answer

If the customer is new to PostgreSQL, here is a good starter on the concept of roles and users: https://rdspg.workshop.aws/lab9-postgres-introduction/task6.html

1) RDS does create some roles to be able to provide the automation/management that it provides. "rdsadmin" is a role with login permissions (also known as a user) that is used by our internal automation mechanisms. "rdsrepladmin" is a role related to configuring logical replication. "root" appears to be name of the master user that you specified when you created the database. You could have called it something other than "root" if you wanted.

2) Those are roles without login permissions. RDS creates these roles to allow you to grant certain types of permissions to any new users you decide to create. For instance, you could create new users for each of your dbas and grant them the rds_superuser role which would give them capabilities equivalent to the original master user ("root" in your example).

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions