Hi everyone! We've implemented IAM Authentication for our MySQL Aurora (Serverless v2), but I'm having trouble figuring out how to trace successful connection attempts. Currently, the only CloudWatch log export available is for iam-db-auth-error, which only logs failed attempts. While that's helpful, we really need a way to monitor who's connecting to our databases for compliance purposes. I've checked CloudTrail, but I'm not seeing any relevant information there either. Does anyone have ideas or workarounds for tracking successful connections?
2 Answers
Have you thought about using advanced auditing? It might give you some insights into what you're looking for. Check out the AWS documentation here: [Advanced Auditing](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Auditing.html)!
I appreciate the suggestion, but the advanced auditing won’t really work for us since we don’t use personalized MySQL logins. It would only log a connection with the same shared username like 'dev' or 'readonly'. I think there’s a gap in tracking the IAM auth process for successful logins. If failed attempts can be logged, why can’t successful ones?
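What the suggested audit log offers for connection tracking, as an added example that is not part of the original thread: it assumes the `CONNECT` audit event is enabled and the comma-separated record layout described in the linked Advanced Auditing documentation, and the sample records are constructed. The `username` field holds the database user, so with shared logins such as `dev` or `readonly` the source host and connection ID are the only other fields that tell sessions apart.

```python
from collections import Counter
from datetime import datetime, timezone

# Assumed field order (Aurora MySQL Advanced Auditing documentation):
# timestamp(us),serverhost,username,host,connectionid,queryid,operation,database,object,retcode
FIELDS = ("timestamp", "serverhost", "username", "host",
          "connectionid", "queryid", "operation", "database")

# Constructed sample records, not real log data.
SAMPLE = [
    "1718000000000000,aurora-instance-1,dev,10.0.1.15,101,0,CONNECT,appdb,,0",
    "1718000001000000,aurora-instance-1,dev,10.0.1.15,101,5,QUERY,appdb,'SELECT a, b FROM t',0",
    "1718000002000000,aurora-instance-1,readonly,10.0.2.40,102,0,CONNECT,appdb,,0",
    "1718000003000000,aurora-instance-1,dev,10.0.3.77,103,0,CONNECT,appdb,,0",
    "truncated,line",
]

def parse_record(line):
    """Parse one audit record; return None for malformed lines."""
    head = line.rstrip("\n").split(",", len(FIELDS))
    if len(head) != len(FIELDS) + 1:
        return None
    # The object field (query text) may contain commas, so take the
    # return code from the right-hand end of the remainder.
    obj, sep, retcode = head[-1].rpartition(",")
    if not sep:
        return None
    rec = dict(zip(FIELDS, head))
    rec["object"], rec["retcode"] = obj, retcode
    try:
        rec["time"] = datetime.fromtimestamp(int(rec["timestamp"]) / 1e6, tz=timezone.utc)
    except ValueError:
        return None
    return rec

def successful_connects(lines):
    """Return CONNECT records whose return code is 0 (assumed to mean success)."""
    recs = (parse_record(l) for l in lines)
    return [r for r in recs if r and r["operation"] == "CONNECT" and r["retcode"] == "0"]

def connects_by_user_and_host(lines):
    """Count successful connections per (database user, source host)."""
    return Counter((r["username"], r["host"]) for r in successful_connects(lines))

if __name__ == "__main__":
    for (user, host), n in sorted(connects_by_user_and_host(SAMPLE).items()):
        print(f"{user:10} {host:15} {n}")
```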