Authorizing Amazon Aurora MySQL to access other Amazon services on your behalf
For your Aurora MySQL DB cluster to access other services on your behalf, create and configure an Amazon Identity and Access Management (IAM) role. This role authorizes database users in your DB cluster to access other Amazon services. For more information, see Setting up IAM roles to access Amazon services.
You must also configure your Aurora DB cluster to allow outbound connections to the target Amazon service. For more information, see Enabling network communication from Amazon Aurora to other Amazon services.
If you do so, your database users can perform these actions using other Amazon services:
-
Synchronously or asynchronously invoke an Amazon Lambda function using the native functions
lambda_syncorlambda_async. Or, asynchronously invoke an Amazon Lambda function using themysql.lambda_asyncprocedure. For more information, see Invoking a Lambda function with an Aurora MySQL native function. -
Load data from text or XML files stored in an Amazon S3 bucket into your DB cluster by using the
LOAD DATA FROM S3orLOAD XML FROM S3statement. For more information, see Loading data into an Amazon Aurora MySQL DB cluster from text files in an Amazon S3 bucket. -
Save data from your DB cluster into text files stored in an Amazon S3 bucket by using the
SELECT INTO OUTFILE S3statement. For more information, see Saving data from an Amazon Aurora MySQL DB cluster into text files in an Amazon S3 bucket. -
Export log data to Amazon CloudWatch Logs MySQL. For more information, see Publishing Amazon Aurora MySQL logs to Amazon CloudWatch Logs.
-
Automatically add or remove Aurora Replicas with Application Auto Scaling. For more information, see Amazon Aurora Auto Scaling with Aurora Replicas.