Using Amazon Aurora

IAM database authentication for PostgreSQL (Aurora/RDS) is available since Phoenix 12.9.0. Use that version or newer before following this guide.

First, ensure that Phoenix runs with valid AWS credentials, either by using an IAM role attached to the instance (EC2/ECS/EKS), or by configuring AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. Configuring AWS_DEFAULT_REGION is required. The IAM role will need a rds-db:connect policy associated with it.

# Standard AWS configuration
export AWS_DEFAULT_REGION=us-east-2  ## REQUIRED
export AWS_ACCESS_KEY_ID=your_key
export AWS_SECRET_ACCESS_KEY=your_secret
# OR use ~/.aws/credentials and ~/.aws/config
# OR use IAM role (EC2/ECS/EKS)

Then, configure Phoenix to use the Amazon Aurora/RDS instance with IAM-based authentication. No token-lifetime tuning is required; Phoenix generates a fresh IAM token for each new database connection.

# Enable IAM authentication
export PHOENIX_POSTGRES_USE_AWS_IAM_AUTH=true

# Database connection
export PHOENIX_POSTGRES_HOST=mydb.us-east-2.rds.amazonaws.com
export PHOENIX_POSTGRES_USER=iam_db_user
export PHOENIX_POSTGRES_DB=phoenix

Overview Using Azure Database for PostgreSQL

⌘I

Deployment Options

Features

Upgrade

Security

Misc

Using Amazon Aurora