RDS Instance ARN — Relational Database Identification
Parse an Amazon RDS database instance ARN to understand the colon-separated resource format. Covers cluster ARNs, snapshots, and Aurora-specific patterns.
Detailed Explanation
RDS Instance ARN Format
Amazon RDS uses a colon-separated resource format, where db is the resource type and the instance identifier follows.
Example ARN
arn:aws:rds:us-east-1:123456789012:db:my-postgres-db
Parsed Components
| Component | Value |
|---|---|
| Partition | aws |
| Service | rds |
| Region | us-east-1 |
| Account ID | 123456789012 |
| Resource Type | db |
| Resource ID | my-postgres-db |
RDS Resource Type Variants
RDS uses the colon separator with different resource type prefixes:
| Resource | Format |
|---|---|
| DB Instance | db:instance-id |
| DB Cluster | cluster:cluster-id |
| DB Snapshot | snapshot:snapshot-id |
| Cluster Snapshot | cluster-snapshot:snapshot-id |
| DB Subnet Group | subgrp:group-name |
| DB Parameter Group | pg:group-name |
| Event Subscription | es:subscription-name |
Aurora Cluster vs. Instance ARNs
Amazon Aurora has both cluster ARNs and instance ARNs. The cluster ARN (cluster:my-aurora-cluster) represents the logical cluster, while instance ARNs (db:my-aurora-instance-1) represent individual nodes. IAM policies for Aurora often need to reference both.
Snapshot ARNs for Cross-Account Sharing
When sharing RDS snapshots across accounts, the snapshot ARN is the key identifier. The source account's snapshot ARN is used in the modify-db-snapshot-attribute command to grant access to target accounts.
Use Case
Configuring IAM policies for database administrators that limit access to specific RDS instances, and setting up automated snapshot sharing across AWS accounts for disaster recovery.