I have a MySQL 8.0.13 instance running on AWS RDS. AWS documentation says that MySQL 8.0.* does not support IAM DB Authentication. This seems to be true, however my DB somehow has IAM DB authentication enabled.
Image showing IAM db authentication setting
From the web console, there is no option to enable/disable IAM authentication (I assume because AWS recognized this instance is MySQL 8.0.13 thus it does not provide me with that option).
When I try to modify the DB instance from the web console I get this error:
IAM Database Authentication is enabled in the DB Instance but it is not supported for the new configuration from the request. (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: b6c909f7-b8db-4a5d-987f-9d715c2e5a6e)
So, IAM DB Authentication is enabled (though it shouldn't be possible on MySQL 8.0.13) and I am trying to turn off Delete Protection, but because IAM DB Authentication is enabled it won't let me change anything in this configuration.
So then I tried from AWS CLI running in an EC2 instance...
aws rds modify-db-instance --db-instance-identifier mydbinstancename --apply-immediately --no-enable-iam-database-authentication
And get the following error:
An error occurred (InvalidParameterCombination) when calling the ModifyDBInstance operation: IAM Database Authentication is enabled in the DB Instance but it is not supported for the new configuration from the request.
I am trying to delete this DB instance so what I thought I would need to do is:
- Disable delete protection
- Delete DB instance
However, what it seems I need to to is:
- Disable IAM DB Authentication (Somehow... This is preventing me from disabling delete protection)
Disable delete protection
Delete DB instance
*Keep in mind I have tried all of this from both the root AWS account and an IAM user account.
