- Newest
- Most votes
- Most comments
Hello,
I'm Seungwon, the support engineer answering you with RDS issue.
I can only offer responses based on general possibilities.
Because, I can’t access your resource.
Your understanding in this matter is greatly appreciated.
From your question, I think you need to check trust relationship.
When you create an IAM role, you attach a trust relationship and a permissions policy.
The trust relationship allows RDS to assume this role. The permissions policy defines the actions this role can perform.
For the native backup and restore feature, use trust relationships and permissions policies similar to the examples in this section.
In the following example, we use the service principal name rds.amazonaws.com as an alias for all service accounts.
In the other examples, we specify an Amazon Resource Name (ARN) to identify another account, user, or role that we're granting access to in the trust policy.
Example trust relationship with global condition context key for native backup and restore
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "rds.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"aws:SourceArn": [
"arn:aws:rds:Region:my_account_ID:db:db_instance_identifier",
"arn:aws:rds:Region:my_account_ID:og:option_group_name"
]
}
}
}
]
}
[+] Importing and exporting SQL Server databases using native backup and restore - Manually creating an IAM role for native backup and restore - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.Procedural.Importing.html#SQLServer.Procedural.Importing.Native.Enabling.IAM
I hope that you found this information useful and the services mentioned above are suitable for your requirements and specific use-cases.
If further precise analysis and root cause identification are required, I recommend considering enrollment in an AWS Support Plan. This will ensure that an appropriate engineer is assigned to your case, enabling you to obtain the desired resolution. [+] AWS Support Plan - https://aws.amazon.com/premiumsupport/plans/?nc1=h_ls
Relevant content
- asked 2 years ago
- Accepted Answerasked 4 years ago
- Accepted Answerasked 3 months ago
- AWS OFFICIALUpdated 15 days ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
Hi Seungwon,
Using your instructions, I was able to resolve the problem. Actually the added sqlNativeBackup permission policy was from another instance. After adjustment, backups were created successfully!
Thank you very much!
Celio