Secrets Manager for RDS db readonly instance

When creating a new RDS secret using Secrets Manager the AWS Console gives the list of RDS db instances. I don't see our readonly instance as part of that list. Do I need to create a custom secret instead of RDS secret to store readonly instance credentials?

Topics

Migration & Modernization Analytics Database Security, Identity, & Compliance

Tags

Amazon Relational Database Service AWS Secrets Manager

Language

English

Shivinder Singh

asked a month ago161 views

2 Answers

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

When creating a new RDS secret in AWS Secrets Manager, it usually lists the RDS DB instances for storing credentials. However, read replicas might not be listed due to certain limitations. If your read-only instance is a read replica, this could be why it’s not appearing. In this case, you might need to create a custom secret to store the credentials for your read-only instance. Remember to follow best practices for managing secrets.

EXPERT

Giovanni Lauria

answered a month ago

EXPERT

Adeleke Adebowale J

reviewed a month ago

Hi Shivinder,

You are essentially right in that you need to create custom secrets to work with read-only RDS instances. Also, while the secrets created for read-write RDS instances are used for many functions including creating backups, read replicas, and other administrative tasks, the secrets for read-only RDS instances are used only for connecting to the database instance and performing read-only queries.

See under Limitations section in https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html

Hope this helps,

Regards,

Govardhanan.

EXPERT

Govardhanan_R

answered a month ago

EXPERT

Gary Mclean

reviewed a month ago

Relevant content

Is it possible to manage an user's password in RDS DB instance with Secrets Manager?
Accepted Answer
HS
asked 10 months ago
connect to RDS using Secrets Manager
GeeGirls4
asked a year ago
Single Secret key for multiple RDS instances.
Narayan
asked a year ago
RDS Aurora serverless global database with secrets manager
rePost-User-3734149
asked a year ago
Why can't I connect to my Amazon RDS DB or Amazon Aurora DB instance using RDS Proxy?
AWS OFFICIALUpdated a year ago
How can I rotate a Secrets Manager secret in a private VPC?
AWS OFFICIALUpdated a year ago
How can I rotate an AWS Secrets Manager secret for a DB connection that requires SSL?
AWS OFFICIALUpdated 2 years ago
How can I immediately delete a Secrets Manager secret so that I can create a new secret with the same name?
AWS OFFICIALUpdated 2 years ago
Manage secrets in CDK via Mozilla SecretOPerationS (SOPS)
EXPERT
Antonio_Lagrotteria
published 10 months ago
Unlocking the Secrets of AWS Identity and Access Management
EXPERT
Giovanni Lauria
published 5 months ago