Replicate RDS Instances/Clusters - Additional IAM Policy

This policy contains the permissions needed for the replicate RDS instances/clusters across AWS accounts scheduled task.

If you are using the Ylastic Administrator user, you do NOT need this additional policy. This policy is only required if you are using the Ylastic Read only user.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "kms:ListAliases",
        "rds:AddTagsToResource",
        "rds:CopyDBClusterSnapshot",
        "rds:CopyDBSnapshot",
        "rds:CreateDBClusterSnapshot",
        "rds:CreateDBSnapshot",
        "rds:DeleteDBClusterSnapshot",
        "rds:DeleteDBSnapshot",
        "rds:DescribeDBClusters",
        "rds:DescribeDBInstances",
        "rds:DescribeDBClusterSnapshots",
        "rds:DescribeDBSnapshots",
        "rds:ListTagsForResource",
        "rds:ModifyDBClusterSnapshotAttribute",
        "rds:ModifyDBSnapshotAttribute",
        "rds:RemoveTagsFromResource",
        "sts:DecodeAuthorizationMessage"
      ],
      "Resource": "*"
    }
  ]
}