2022-12-24
1 new condition | 6 updated actions
Additions
Conditions
-
rds:ManageMasterUserPassword
-
Description:
Filters access by the value that specifies whether RDS manages master user password in AWS Secrets Manager for the DB instance or cluster
-
Type:
Bool
Updates
Actions
-
CreateDBCluster
Dependents
-
+ kms:CreateGrant
-
+ kms:Decrypt
-
+ kms:DescribeKey
-
+ kms:GenerateDataKey
-
+ secretsmanager:CreateSecret
-
+ secretsmanager:TagResource
Conditions
-
+ rds:ManageMasterUserPassword
-
CreateDBInstance
Dependents
-
+ kms:CreateGrant
-
+ kms:Decrypt
-
+ kms:DescribeKey
-
+ kms:GenerateDataKey
-
+ secretsmanager:CreateSecret
-
+ secretsmanager:TagResource
Conditions
-
+ rds:ManageMasterUserPassword
-
ModifyDBCluster
Dependents
-
+ kms:CreateGrant
-
+ kms:Decrypt
-
+ kms:DescribeKey
-
+ kms:GenerateDataKey
-
+ secretsmanager:CreateSecret
-
+ secretsmanager:RotateSecret
-
+ secretsmanager:TagResource
Conditions
-
+ rds:ManageMasterUserPassword
-
RestoreDBClusterFromS3
Dependents
-
+ kms:CreateGrant
-
+ kms:Decrypt
-
+ kms:DescribeKey
-
+ kms:GenerateDataKey
-
+ secretsmanager:CreateSecret
-
+ secretsmanager:TagResource
Conditions
-
+ rds:ManageMasterUserPassword
-
RestoreDBInstanceFromS3
Dependents
-
+ kms:CreateGrant
-
+ kms:Decrypt
-
+ kms:DescribeKey
-
+ kms:GenerateDataKey
-
+ secretsmanager:CreateSecret
-
+ secretsmanager:TagResource
Conditions
-
+ rds:ManageMasterUserPassword
-
ModifyDBInstance
Conditions
-
+ rds:ManageMasterUserPassword
Dependents
-
+ kms:CreateGrant
-
+ kms:Decrypt
-
+ kms:DescribeKey
-
+ kms:GenerateDataKey
-
+ secretsmanager:CreateSecret
-
+ secretsmanager:RotateSecret
-
+ secretsmanager:TagResource