# Auto Discover AWS RDS Instances Apono’s Auto Discovery feature identifies tagged AWS RDS instances, including MySQL and PostgreSQL. Rather than integrating each instance individually, you can integrate selected databases and their resources at once during your AWS Account or Organization setup. {% hint style="warning" %} This capability requires network access to each discoverable database. If your databases are in different AWS networks, make sure to create an AWS connector for each network. {% endhint %} *** ### Prerequisites
ItemDescription
Apono Connector

One or more Apono connectors for AWS with network access to your AWS RDS databases

Minimum Required Version: 1.5.3


Follow these steps to update an existing connector.

AWS Permissions

Permissions to complete the following tasks in your AWS instance:

  • Create and manage AWS Secrets Store secrets
  • Tag RDS instances
*** ### Enable Auto Discovery Follow these steps to enable Auto Discovery: 1. In your AWS RDS database instance, create a user for the Apono connector. As part of this step, you will also create a secret. * [RDS PostgreSQL](https://docs.apono.io/docs/aws-environment/rds-postgresql#create-an-aws-rds-postgresql-user) * [AWS RDS MySQL](https://docs.apono.io/docs/aws-environment/aws-rds-mysql#create-aws-rds-mysql-integration) 2. [Tag your database instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#Tagging.HowTo) based on the authentication method you selected in the previous step. In the tables below, the values shown in *italics* are the exact text you should enter when adding these tags.
IAM Authentication
Tag KeyValue or Description
auth_typeiam-auth
apono-connector-idID of the Apono connector in the same AWS Account or AWS Organization as the database
Password Authentication
Tag KeyValue or Description
auth_typeuser-password
apono-connector-idID of the Apono connector in the same AWS Account or AWS Organization as the database
apono-secretARN of the secret containing the database credentials
regionAWS region where the secret is stored
3. In the Apono UI, on the [**Catalog**](https://app.apono.io/catalog?search=aws) tab, click **AWS**. The **Connect Integrations Group** page appears. 4. Under **Discovery**, click **Amazon Account** or **Amazon Organization**. 5. Under **Connect Sub Integration**, select **Database**, **Table**, and **Role** to control the granularity of discovery in each discovered instance.

AWS RDS MySQL under Connect Sub Integration

6. Complete the [Amazon Account](https://docs.apono.io/docs/aws-environment/aws-integrations/integrate-an-aws-account-or-organization/..#integration) or [Amazon Organization](https://docs.apono.io/docs/aws-environment/aws-integrations/integrate-an-aws-account-or-organization/..#integration-1) integration (steps **3-10**). After connecting your AWS Account or AWS Organization to Apono, you will be redirected to the **Connected** tab to view your integrations. The new AWS integration, along with sub-integrations for each RDS instance, initialize during the first data fetch. The integration becomes **Active** once the process completes. Now that you have completed this integration, you can [create access flows](https://docs.apono.io/docs/access-flows/access-flows) that grant permission to your AWS RDS resources. *** ### Troubleshooting If RDS instances appear with errors on your **Integrations** page, follow these steps: 1. **Check Tags**: Verify all required tags are present and correctly formatted. 2. **Connector Permissions**: Ensure the Apono connector has necessary permissions to read tags and access secrets. 3. **Network connectivity**: Ensure each RDS instance is accessible by an Apono connector within the same network. {% hint style="success" %} For any questions about the discovery process, please contact Apono Support. {% endhint %}