Step 3: Add your IAM role to your RDS for Db2 DB instance
In this step, you add your IAM role to your RDS for Db2 DB instance. Note the following requirements:
-
You must have access to an IAM role with the required Amazon S3 permissions policy attached to it.
-
You can only associate one IAM role with your RDS for Db2 DB instance at a time.
-
Your RDS for Db2 DB instance must be in the Available state.
You can add an IAM role to your DB instance by using the AWS Management Console or the AWS CLI.
To add an IAM role to your RDS for Db2 DB instance
Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/
. -
In the navigation pane, choose Databases.
-
Choose your RDS for Db2 DB instance name.
-
On the Connectivity & security tab, scroll down to the Manage IAM roles section at the bottom of the page.
-
For Add IAM roles to this instance, choose the role that you created in Step 2: Create an IAM role and attach your IAM policy.
-
For Feature, choose S3_INTEGRATION.
-
Choose Add role.
To add an IAM role to your RDS for Db2 DB instance, run the add-role-to-db-instance command. In the
following example, replace db_instance_name
and
iam_role_arn
with the name of your DB instance
and the ARN of the IAM role that you created in Step 2: Create an IAM role and attach your
IAM policy.
For Linux, macOS, or Unix:
aws rds add-role-to-db-instance \ --db-instance-identifier
db_instance_name
\ --feature-name S3_INTEGRATION \ --role-arniam_role_arn
\
For Windows:
aws rds add-role-to-db-instance ^ --db-instance-identifier
db_instance_name
^ --feature-name S3_INTEGRATION ^ --role-arniam_role_arn
^
To confirm that the role was successfully added to your RDS for Db2 DB instance,
run the describe-db-instances command. In the following
example, replace db_instance_name
with the name of
your DB instance.
For Linux, macOS, or Unix:
aws rds describe-db-instances \ --filters "Name=db-instance-id,Values=
db_instance_name
" \ --query 'DBInstances[].AssociatedRoles'
For Windows:
aws rds describe-db-instances ^ --filters "Name=db-instance-id,Values=
db_instance_name
" ^ --query 'DBInstances[].AssociatedRoles'
This command produces output similar to the following example:
[
[
{
"RoleArn": "arn:aws:iam::0123456789012:role/rds-db2-s3-role",
"FeatureName": "S3_INTEGRATION",
"Status": "ACTIVE"
}
]
]