How Do I Grant Only the Permission to Use DAS to an IAM User?

  1. Create a user-defined policy for DAS.

    On the management console, choose Service List > Management & Governance > Identity and Access Management. On the displayed page, select Permissions and click Create Custom Policy.

  2. Select the rds:instance:list permission of RDS and das:connections:list permission of DAS.

    You can also select JSON for Policy View and enter the following statements in Policy Content.

    {
    "Version": "1.1",
    "Statement": [
        {
            "Action": [
                "rds:instance:list"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "das:connections:list"
            ],
            "Effect": "Allow"
        }
    ]
}

  3. Create a DAS user group. Then, click Manage Permissions in the Operation column to select the custom permissions.
  4. Create an IAM user and add it to the user group.
Parent topic: Usage