DataBase | Notion

REGION_CODE="ap-northeast-2"
SECRETS_MANAGER_NAME="demo-rds-secrets"
DB_USER=$(aws secretsmanager get-secret-value --secret-id $SECRETS_MANAGER_NAME --query "SecretString" --output text --region $REGION_CODE | jq -r ".username")
DB_PASSWORD=$(aws secretsmanager get-secret-value --secret-id $SECRETS_MANAGER_NAME --query "SecretString" --output text --region $REGION_CODE | jq -r ".password")
DB_HOST=$(aws secretsmanager get-secret-value --secret-id $SECRETS_MANAGER_NAME --query "SecretString" --output text --region $REGION_CODE | jq -r ".host")
DB_PORT=$(aws secretsmanager get-secret-value --secret-id $SECRETS_MANAGER_NAME --query "SecretString" --output text --region $REGION_CODE | jq -r ".port")
DB_NAME=$(aws secretsmanager get-secret-value --secret-id $SECRETS_MANAGER_NAME --query "SecretString" --output text --region $REGION_CODE | jq -r ".dbname")

mysql -h $DB_HOST -P $DB_PORT -u $DB_USER -p$DB_PASSWORD -D $DB_NAME

CREATE USER rds_iam IDENTIFIED WITH AWSAuthenticationPlugin AS 'RDS';

ALTER USER 'rds_iam'@'%' REQUIRE SSL;

GRANT ALL PRIVILEGES ON demo.* TO 'rds_iam'@'%';

FLUSH PRIVILEGES;

wget <https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem>