From 406f46aad3e37b7b2b65cdbf3e7ee27c0dec930f Mon Sep 17 00:00:00 2001 From: Peter Helewski Date: Fri, 30 Sep 2022 19:05:05 -0400 Subject: [PATCH 1/2] updating trust relationship condition string and adding in additonal grant command to allow the creation of expressions on the coder database --- guides/admin/awsrds.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/guides/admin/awsrds.md b/guides/admin/awsrds.md index 99ddc2525..7c271ad44 100644 --- a/guides/admin/awsrds.md +++ b/guides/admin/awsrds.md @@ -51,7 +51,7 @@ to use for database authentication. "Action": "sts:AssumeRoleWithWebIdentity", "Condition": { "StringEquals": { - "arn:aws:iam::111122223333:oidc-provider/oidc.eks.region-code.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE:sub":"system:serviceaccount::" + "oidc.eks.region-code.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE:sub":"system:serviceaccount::" } } } @@ -65,6 +65,7 @@ to use for database authentication. ```sql CREATE USER dbuser WITH LOGIN; GRANT rds_iam TO dbuser; +GRANT CREATE ON DATABASE database TO dbuser; ``` 1. Set the following values in your Helm chart and re-deploy Coder. From 875ba177e5de5d0fe4bf29655f09f556e835f401 Mon Sep 17 00:00:00 2001 From: Peter Helewski Date: Fri, 30 Sep 2022 19:17:44 -0400 Subject: [PATCH 2/2] adjusting generic database name to match the database name from the helm chart values --- guides/admin/awsrds.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/guides/admin/awsrds.md b/guides/admin/awsrds.md index 7c271ad44..3cb0faa09 100644 --- a/guides/admin/awsrds.md +++ b/guides/admin/awsrds.md @@ -65,7 +65,7 @@ to use for database authentication. ```sql CREATE USER dbuser WITH LOGIN; GRANT rds_iam TO dbuser; -GRANT CREATE ON DATABASE database TO dbuser; +GRANT CREATE ON DATABASE coder TO dbuser; ``` 1. Set the following values in your Helm chart and re-deploy Coder.