28

I've inherited control of an AWS MySQL RDS instance. I'm curious to know what the 'rdsadmin' user is and whether I should know the password for this or whether this is purely for use by the Amazon Web Console.

codecowboy
  • 1,287
  • 5
  • 17
  • 31

1 Answers1

32

This is Amazon's own user that is used by Amazon to perform updates, run backups and do other maintenance tasks. That said, Amazon's support should be able to advise you.

In general, you don't need to (and should not) know the password.

Craig Watson
  • 9,370
  • 3
  • 30
  • 46
  • 2
    This actually conflicts with what I have been told on the AWS IRC channel. Also, there is the option 'New Master Password:' when modifying an instance. Which user is that for? – codecowboy Apr 09 '14 at 10:11
  • 3
    "New Master Password" will reset the password for the named admin user that you created when you spun up the RDS instance, which is a separate account than 'rdsadmin'. What was said on IRC? – Craig Watson Apr 09 '14 at 10:12
  • ok, thanks. Can I find out the name of the 'named admin user'? I did not create the instance. From IRC - "rdsadmin account is the equivilant of the default 'root' account" – codecowboy Apr 09 '14 at 10:29
  • 1
    You can check the named admin user's username in the AWS console - it will be in the "Configuration Details" panel of the instance details, and will be titled "User name". The "rdsadmin" user is for Amazon's usage, and the user mentioned here is for your usage. Of course you are free to create other users, but this one is the only one granted with full admin rights. – Craig Watson Apr 09 '14 at 11:28
  • Is there a way to reset the rdsadmin password without instantiating a new db? – Muhatashim May 19 '16 at 15:45
  • 2
    @Muhatashim no, because you should never know the `rdsadmin` user's password. – Craig Watson May 19 '16 at 15:47
  • I understand that it's not possible to read the password, but it seems like you can change its password. I ended up restoring back to a different snapshot because of it. – Muhatashim May 20 '16 at 04:10
  • 6
    @Muhatashim I cannot stress this enough - you should *never* need to know, use, change or otherwise interact with the `rdsadmin` user. – Craig Watson May 20 '16 at 05:34