Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (5.6k points)

I'm using the below policy to allow my IAM user to create RDS instance via AWS UI:

{

"Version": "2012-10-17",

"Statement": [

    {

        "Sid": "VisualEditor0",

        "Effect": "Allow",

        "Action": "rds:*",

        "Resource": "*"

    }

]}

But I'm getting the below error:

"Currently retrieving account attributes We are currently in the process of retrieving your account attributes. Please try again in a few minutes."

Please advise!

1 Answer

0 votes
by (12.4k points)

It seems to be missing some EC2 and network permissions. AWS has some predefined policies "AmazonRDSReadOnlyAcess" or "AmazonRDSFullAccess", which is defined as:

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Action": [

                "rds:*",

                "cloudwatch:DescribeAlarms",

                "cloudwatch:GetMetricStatistics",

                "ec2:DescribeAccountAttributes",

                "ec2:DescribeAvailabilityZones",

                "ec2:DescribeInternetGateways",

                "ec2:DescribeSecurityGroups",

                "ec2:DescribeSubnets",

                "ec2:DescribeVpcAttribute",

                "ec2:DescribeVpcs",

                "sns:ListSubscriptions",

                "sns:ListTopics",

                "sns:Publish",

                "logs:DescribeLogStreams",

                "logs:GetLogEvents"

            ],

            "Effect": "Allow",

            "Resource": "*"

        },

        {

            "Action": "pi:*",

            "Effect": "Allow",

            "Resource": "arn:aws:pi:*:*:metrics/rds/*"

        },

        {

            "Action": "iam:CreateServiceLinkedRole",

            "Effect": "Allow",

            "Resource": "arn:aws:iam::*:role/aws-service-role/rds.amazonaws.com/AWSServiceRoleForRDS",

            "Condition": {

                "StringLike": {

                    "iam:AWSServiceName": "rds.amazonaws.com"

                }

            }

        }

    ]

}

Do you want to learn more about AWS? Checkout AWS developer associate certification by Intellipaat! 

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer
0 votes
1 answer

Browse Categories

...