I have an mssql rds server and I am getting permission denied while trying to create a new user and map that user to my application database as a RDS master user. Can some please help me on this.
Related
I have an AWS RDS Instance that has IAM DB authentication enabled, where people can connect to the database via IAM roles as per the instructions at https://aws.amazon.com/premiumsupport/knowledge-center/rds-postgresql-connect-using-iam/. However, I want users to be able to connect to the RDS instance only via IAM roles, and not via the master username/password that was previously used? Is there a way to disable the master username/password, or enforce that people can only access the database via IAM roles?
I am trying to use RDS proxy with TypeORM in a nestjs application. RDS Proxy uses IAM authentication, because of which I am getting authentication error after 15 minutes. Please let me know if there is a way to make typeorm refresh the token before it gets expire. (Type orm is loaded as part of app module in the nestjs lambda function)
you can give your ec2 access to your RDS via IAM Role.
If want to connect locally.
No need to pass the credentials via code.
How can I connect to a private Amazon RDS DB instance from a local machine using an Amazon EC2 instance as a bastion host?
OR
Install aws-cli.
Run: aws configure.
Add secret and access keys and session tokens, which should have access to your RDS.
This will add your credentials under the .aws/credentials file(or look for credentials file).
Write and run a background process that updates the credentials under credetails file before it expires.
We are attempting to configure Dev users at a project level with only 'viewer' access and also allow them to login to Cloud SQL. Strangely there are no granular permissions as there are for DataStore or Bigquery.
When attempting to connect after configuring the Cloud SQL proxy to follow Google best practice for connecting to V2 Cloud SQL instances.
The connection is refused in MySQL workbench and the following message appears in the Proxy window.
As soon as the Project privileges are changed to 'editor' in IAM, the same connection works fine. With a lack of roles for Cloud SQL, this means all users either cant access Cloud SQL v2 with proxy or can reset the root password.
Hopefully we are mistaken as this seems like a serious security issue?
You are correct, at this time the actor must have at least 'project editor' role to connect using the Cloud SQL Proxy.
I am installing OrientDB 2.1.9 on Amazon Linux I am trying to log in to their standard Grateful Dead database. I cannot using the guest, the root works but this is non-optimal.
I used the default guest/guest, right out of the package.
The server credentials in the $ORIENTDB_HOME/config/orientdb-server-config.xml file:
guest user is valid just to connect to server instance and list databases, to connect to the db you have to use db users or root
orientdb> connect remote:localhost guest guest
Connecting to remote Server instance [remote:localhost] with user 'guest'...OK
orientdb {server=remote:localhost/}> connect remote:localhost/GratefulDeadConcerts guest guest
Disconnecting from remote server [remote:localhost/]...
OK
Connecting to database [remote:localhost/GratefulDeadConcerts] with user 'guest'...
Error: com.orientechnologies.orient.core.exception.OSecurityAccessException: User or password not valid for database: 'GratefulDeadConcerts'
if you want to connect to the db with limited permissions you can use built-in users reader or writer or you can create your custom users from inside the database.
Please refer to this guide too http://orientdb.com/docs/2.1/Security.html
The registration works fine, user is created, and the role the new user chooses is applied fine. On some controllers I restrict access with [Authorize] and this works good with the user being redirected to the login. The problem arises when I want to authorize by roles. When I change
[Authorize]
to
[Authorize(Roles = "Sales")]
the app hangs before the browser reports the error:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)
SQLExpress database file auto-creation error:
The connection string specifies a local Sql Server Express instance using a database location within the application's App_Data directory. The provider attempted to automatically create the application services database because the provider determined that the database does not exist. The following configuration requirements are necessary to successfully check for existence of the application services database and automatically create the application services database:
This only happens when I add the role condition. The Default connection in the Web.Config points to the SQL Server database I am using. For some reason, the condition of allowing only certain roles makes it want to start creating a database with SQLExpress
Why is this happening and how do I stop it?