- Newest
- Most votes
- Most comments
Hi,
You say that the feature is attached to the IAM role. I don't think that it is: it is indeed attached to the options group: for RDS: see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-efs-integration.html#oracle-efs-integration.adding
aws rds add-option-to-option-group \
--option-group-name myoptiongroup \
--options "OptionName=EFS_INTEGRATION,OptionSettings=\
[{Name=EFS_ID,Value=fs-1234567890abcdef0},{Name=USE_IAM_ROLE,Value=TRUE}]"
AFAIK. nothing prevents you to run the above command twice for your options group: once for EFS and a second time for S3.
Please, let us now if you succeeded.
Best,
Didier
-
Create a single IAM role with both EFS_INTEGRATION and S3_INTEGRATION features enabled. Although the documentation says you can't set both features on a single IAM policy attachment, you can actually do so when creating the role.
-
Attach this role to your RDS instance. This will allow your Oracle RDS database to access both EFS and S3.
Here's an example IAM role policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowEFSIntegration",
"Effect": "Allow",
"Action": "elasticfilesystem:Client*",
"Resource": "arn:aws:elasticfilesystem:*:*:file-system/*"
},
{
"Sid": "AllowS3Integration",
"Effect": "Allow",
"Action": "s3:*",
"Resource": "arn:aws:s3:::*"
}
]
}
Relevant content
- asked 5 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 9 days ago
Yes, the option group part just needs S3 and EFS added, that's fine. However, when attaching the role to the RDS instance, you have to specify a feature of S3_INTEGRATION or EFS_INTEGRATION, e.g. aws rds add-role-to-db-instance --db-instance-identifier mydbinstance --feature-name S3_INTEGRATION --role-arn your-role-arn
The issue is that the docs say only one role can be attached, we can only use one feature per attachment and we need two features to support both EFS & S3.