Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1rwkdl-003yAC-SD
	for pgsql-general@arkaria.postgresql.org; Tue, 16 Apr 2024 15:22:33 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1rwkdk-004FVq-Bx
	for pgsql-general@arkaria.postgresql.org; Tue, 16 Apr 2024 15:22:32 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <gus.spier@gmail.com>)
	id 1rwkdk-004FVf-0k
	for pgsql-general@lists.postgresql.org; Tue, 16 Apr 2024 15:22:32 +0000
Received: from mail-yw1-x1132.google.com ([2607:f8b0:4864:20::1132])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <gus.spier@gmail.com>)
	id 1rwkdh-0039Qf-K5
	for pgsql-general@lists.postgresql.org; Tue, 16 Apr 2024 15:22:30 +0000
Received: by mail-yw1-x1132.google.com with SMTP id 00721157ae682-614ec7ee902so42318307b3.2
        for <pgsql-general@lists.postgresql.org>; Tue, 16 Apr 2024 08:22:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1713280948; x=1713885748; darn=lists.postgresql.org;
        h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
         :date:message-id:reply-to;
        bh=wg2xs2xwwGPY/Dqq2r6gbckw+bPmKmMAJrwW8epzELo=;
        b=AzMAnjuAJThf2U9mtgSAXr97FDgcyreKMfDCubX2iTyybCmQ2yi6MfiX3iROCpPVMP
         m7/mGsB45qCUP4WDrQgFPGcjN4wNzziTkVMPKgRIV/5Z0GVVqFUJtNygTQalZ01ThKIo
         8sazIT7MMoyQwhNd1Ipxb9SQ/E90K5UKXyt4m6IWBYfoelURSA/Y4L4jlTwMhCmd2JK4
         O7w/Vz2Y29er8Xsapepcx/dPLovdJrX4dvoUIdxdoGraL4c3LhXghdtvCc/FM9nfWn/6
         F8CtrFt/eiTKX6523zyWWjCvCtkMe/Uko4nuScRV0oRL2Gk7qySBLJsvfla8mvkvAiNl
         SijQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1713280948; x=1713885748;
        h=to:subject:message-id:date:from:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=wg2xs2xwwGPY/Dqq2r6gbckw+bPmKmMAJrwW8epzELo=;
        b=QW4tMPPNDnxaeNKrHT6A0qXPKwriOfRjvSwOB2pWTjZh7TQ4KGAr9E65tSkEFpo0yn
         yy96U1JE2oeizSMErJiSmTOTKu4NZILz98Hc4kjVv6Zqs1X/1w7qfl8umomrhrUZSbf8
         Ex73DwQ3vAB4CEC5fw00gBfiMyoFaoEIP/N5pURlenY1edm6Vnitfp9iTpmgf5Mee8SF
         57dS4+2hwNOWRvGyyXPousoWlO8eARfPzptbxmcVYvT8E9iHs9cb1QoZm4qyJkBQLMBM
         nbTN7aQoSfsJyWE0Esqrl7jff+pNSSdnxJCPQowcpjhB0/WUXMrYHMxo6OJWmf2HOVPn
         7kbA==
X-Gm-Message-State: AOJu0YxiieqQsqfA0nsgPCWiPQr+42xP+3caJtuwFQ7q1oTgy6LoQhF3
	Jix1TJoIHq38CAfdiPxVki95ZcAUdnHIGU5f9A9sXWD4FSzkCMt4Nvcj7hoEcjxWNUQ6POllm7F
	huCeNip6QaW9uJ9bnX2pl6DlWCL5FT5ob
X-Google-Smtp-Source: AGHT+IEDBOjWDpBe40d3yBqE+dmV5TY8jjAZSuKVKk7rFqV++bsuZ06OuWc2RB/AptZqyRalsWJggVs3Mce72uGRoRo=
X-Received: by 2002:a81:b2c7:0:b0:618:8b8a:b4de with SMTP id
 q190-20020a81b2c7000000b006188b8ab4demr10331944ywh.27.1713280948640; Tue, 16
 Apr 2024 08:22:28 -0700 (PDT)
MIME-Version: 1.0
From: Gus Spier <gus.spier@gmail.com>
Date: Tue, 16 Apr 2024 11:22:17 -0400
Message-ID: <CAG8xnieagJShtu1o7fbLmQATreiNLXiZzzxDnGfNpkV+gLjvaA@mail.gmail.com>
Subject: AWS RDS Postgres and the DBA: Which/how many aws permissions/access
 do we really need?
To: pgsql-general <pgsql-general@lists.postgresql.org>
Content-Type: multipart/alternative; boundary="0000000000005826460616384ea4"
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CAG8xnieagJShtu1o7fbLmQATreiNLXiZzzxDnGfNpkV%2BgLjvaA%40mail.gmail.com>
Precedence: bulk

--0000000000005826460616384ea4
Content-Type: text/plain; charset="UTF-8"

So, I'm looking for advice here.  Can anyone recommend a list of
useful/required AWS RDS permissions for a pro-active DBA? We are taking
custody of a set of databases that will need  sane backup and recovery
plans; table partitioning; undiscovered postgres extensions and we don't
yet know what else.

RDSADMIN is out of the question, even though it would be the one-stop shop
for managing the clusters and databases. But, unless I have to, I do not
care to administrate by trial and error ((tripping over each mine in the
field.)

Any advice would be appreciated.

Thanks,
Gus

--0000000000005826460616384ea4
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">So, I&#39;m looking for advice here.=C2=A0 Can anyone reco=
mmend a list of useful/required AWS RDS permissions=C2=A0for=C2=A0a pro-act=
ive=C2=A0DBA? We are taking custody of a set of databases that will need=C2=
=A0 sane backup and recovery plans; table partitioning; undiscovered postgr=
es extensions and we don&#39;t yet know what else.<div><br></div><div>RDSAD=
MIN is out of the question, even though it would be the one-stop shop for m=
anaging the clusters and databases. But, unless I have to, I do not care to=
 administrate by trial and error ((tripping over each mine in the field.)<b=
r></div><div><br></div><div>Any advice would be appreciated.</div><div><br>=
</div><div>Thanks,</div><div>Gus</div></div>

--0000000000005826460616384ea4--