Search code examples
amazon-web-servicesamazon-rdsmonitoringnewrelic

Configuring newrelic for RDS

I'm configuring newrelic for the first time and in order to configure rewrelic for my Postgres RDS instance, I was going through the instructions:

enter image description here

However, on my AWS console there's nothing as such Another AWS account role type:

enter image description here

I tried choosing rds-monitoring-role - but there I didn't get another further option for account ID etc.. Am I missing anything? Also, I'm on free AWS and newrelic account - can this be a problem as I'm seeing limited options?

Solution

  • Basically you need an IAM role with a policy including the permissions listed here:

    • rds:ListTagsForResource
    • rds:DescribeDBInstances
    • rds:DescribeDBClusters

    The Roles trust policy needs the following lines inserting:

    • "Principal": {"AWS": "[ACCOUNT_ID]"},
    • "Condition": {"StringEquals": {"sts:ExternalId": "[EXTERNAL_ID]"}}

    Where [ACCOUNT_ID] and [EXTERNAL_ID] are replaced with the values above. This allows NR to assume this role to retreive your RDS instance metrics