AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관

RDS Read Replica - Users created in the primary not able to access read replica

0

We have RDS PostgreSQL and a Read Replica associated with it. We have noticed that the users created in the Primary cannot connect to the read replica. Are there additional steps required for the same?

Secondly, if we modify the master password of the read replica, does it impact the primary db master password?

We are not using AWS Secrets Manager

1개 답변
0

There are a few important things to know about user access to PostgreSQL read replicas in Amazon RDS. By default, user accounts created on the primary RDS PostgreSQL instance are not automatically replicated to read replicas. This is for security reasons, to allow controlling access separately.

To allow users to connect to the read replica, you generally need to manually create those user accounts on the read replica as well. However, you should not directly create/modify users on a read replica since it's read-only.

A possible approach is to use the PostgreSQL replication mechanisms to replicate the user accounts. Specifically: On the primary instance, create the users inside a publication On the read replica, create a subscription to that publication

For administrative access, RDS provides a special rdsadmin user that can connect to read replicas. You can use this to perform necessary setup.

Make sure the security group and network ACLs allow connections from your application/users to the read replica endpoint.

Users connecting to the read replica need to be granted appropriate SELECT permissions on the tables they need to query.

If you modify the master password of the read replica, it does not impact the primary db master password, however it is not recommended to change anything on the read replica only, as it should stay as an exact copy of the primary Hope this helps

AWS
답변함 2달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠