I'm trying to connect to a postgresql RDS database using Datagrip and the AWS Toolkit plugin with IAM Authentication. The instructions on the subject are confusing and inconsistent and it's very unclear to me what I'm doing wrong. Here's what I did:
- enabled IAM Auth on the RDS instance.
- installed the AWS Toolkit and configured the access keys (I can access most services just fine, including viewing files on S3 through Datagrip. So that part is functional)
- I created a policy that allows
rds-db:connect
action and assigned it to my user
- I used the AWS explorer in Datagrip, selected the DB instance, clicked "connect with IAM auth"
- when I run "test connection" I get this:
The details that the toolkit inserts are correct as far as I can tell. I've been googling, and asking, and trying different things. Some places suggest creating a role to connect through an EC2 instance which I completely don't understand (why would I need a complete instance? Why wouldn't I just connect directly?) It's very confusing, incredibly frustrating and I'm stumped. What am I missing?