Using PMM in AWS with IAM Role instead of IAM User and keys

We are using PMM from the AWS Marketplace to monitor AWS RDS instances. Great product. Thanks a lot. :slight_smile:

I installed the recommended way and added many RDS instances w/o any problem using an IAM User with the created keys.
And the day came to rotate the used Access key… Unfortunately I didn’t found an easy way (except to delete and add the instances again) to change the used IAM key.

Based on the documentation I can use IAM Role instead of an IAM User with Access Keys.
I created the role and attached to the policy and the EC2 instance too.
My problem is that I’m not able to discover/add the available RDS instances in the subscription because the “PMM Add Instance / AWS RDS MySQL or Aurora MySQL” option requires a SECRET_KEY_ID and SECRET_ACCESS_KEY.

How can I setup the PMM to use/force the associated IAM Role? Is there any documentation/guide in this topic?

Thanks in Advance.

@peter.takacs the option how to set this up described in Percona Monitoring and Management but not clear (

Also, while testing it I’ve found so you can subscribe to the Jira issue and will be notified when we’ll fix this

1 Like

We have the same issue in version 2.16.0 on AWS.

1 Like

I was able to confirm this “bug” and it’s reported as
We’ll fix it soon in 2.18 release

1 Like

Great, thank you for the fast feedback! Looking forward to the fix :slight_smile:

1 Like