Introduction
AWS Identity and Access Management (IAM) is an AWS service that helps an administrator securely control access to AWS resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use Amazon RDS resources. IAM is an AWS service that you can use with no additional charge.
Enable IAM role-based access control for the RDS cluster in UAT/Prod environments
Use IAM accounts to control access to Amazon RDS API operations, especially operations that create, modify, or delete Amazon RDS resources. Such resources include DB instances, security groups, and parameter groups. Also use IAM to control common administrative actions such as backing up and restoring DB instances.
- Create an individual user for each person who manages Amazon RDS resources. Don’t use AWS root credentials to manage Amazon RDS resources.
- Grant each user the minimum set of permissions required to perform his or her duties.
- Use IAM groups to effectively manage permissions for multiple users.
- Configure AWS Secrets Manager to automatically rotate the secrets for Amazon RDS. For more information, see Rotating your AWS Secrets Manager secrets in the AWS Secrets Manager User Guide. You can also retrieve the credential from AWS Secrets Manager programmatically. For more information, see Retrieving the secret value in the AWS Secrets Manager User Guide.
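One way to check the minimum-permissions guidance above before a policy is attached to a user or group. This is an added example, not AWS's own code: the action list is a selection, the sample policies, Sids, and account ID are constructed placeholders, and `NotAction` and `Condition` elements are not evaluated.

```python
import fnmatch

# RDS API actions that create, modify, delete, or restore resources
# (DB instances, security groups, parameter groups, snapshots).
SENSITIVE_ACTIONS = [
    "rds:CreateDBInstance", "rds:ModifyDBInstance", "rds:DeleteDBInstance",
    "rds:ModifyDBParameterGroup", "rds:DeleteDBParameterGroup",
    "rds:AuthorizeDBSecurityGroupIngress", "rds:DeleteDBSecurityGroup",
    "rds:CreateDBSnapshot", "rds:DeleteDBSnapshot",
    "rds:RestoreDBInstanceFromDBSnapshot",
]

def _as_list(value):
    # IAM accepts a single string/object wherever a list is also valid.
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return (sid, action_pattern, reason) for over-broad RDS Allow grants."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        any_resource = "*" in _as_list(stmt.get("Resource", []))
        for pattern in _as_list(stmt.get("Action", [])):
            # IAM action names are case-insensitive; * and ? are wildcards.
            hits = [a for a in SENSITIVE_ACTIONS
                    if fnmatch.fnmatchcase(a.lower(), pattern.lower())]
            if not hits:
                continue
            if "*" in pattern or "?" in pattern:
                findings.append((sid, pattern, f"wildcard covers {len(hits)} sensitive actions"))
            elif any_resource:
                findings.append((sid, pattern, 'sensitive action on Resource "*"'))
    return findings

# Constructed sample policies (account ID and resource names are placeholders).
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AdminAll", "Effect": "Allow", "Action": "rds:*", "Resource": "*"},
    {"Sid": "DeleteAny", "Effect": "Allow", "Action": ["rds:DeleteDBInstance"], "Resource": "*"},
]}
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadOnly", "Effect": "Allow", "Action": ["rds:Describe*"], "Resource": "*"},
    {"Sid": "BackupUat", "Effect": "Allow", "Action": "rds:CreateDBSnapshot",
     "Resource": "arn:aws:rds:us-east-1:111122223333:db:uat-*"},
]}

if __name__ == "__main__":
    for name, pol in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, audit_policy(pol))
```

A finding is a prompt to narrow the `Action` list or scope `Resource` to specific ARNs; an empty result only means none of the listed patterns were matched.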