I have an ELK stack with grafana installed on EC2 instances. I’ve created a mysql database in RDS, created a grafana database and a grafana user with the appropriate permissions. That user is able to be accessed via mysql utilizing an appropriately setup IAM role.
However, when I try to start the Grafana service using that database I get the following error in the logs:
“Fail to initialize orm engine” logger=sqlstore error=“Sqlstore::Migration failed err: Error 1045: Access denied for user ‘grafana’@‘SERVERIP’ (using password: YES)\n”
My grafana.ini database section looks like:
[database]
host = aurora-cluster-ClusterName.cluster-RandomAWSSuppliedChars.Region.rds.amazonaws.com:3306
type = mysql
name = grafanaDbName
user = grafanaUserName
password = aws rds generate-db-auth-token --hostname aurora-cluster-ClusterName.cluster-RandomAWSSuppliedChars.Region.rds.amazonaws.com --username grafanaUserName --port 3306 --region Region
I’ve tried supplying no password as well, but I’m pretty sure I need the generated auth token to be supplied. I also tried generating an auth token and pasting it in manually during the 15 minute window while it’s good for testing purposes and I got the same Access denied error.
Is IAM Authentication supported? If so, how do I supply the required Auth token?