# Auto Discover AWS RDS Instances

Apono’s Auto Discovery feature identifies tagged AWS RDS instances, including MySQL and PostgreSQL. Rather than integrating each instance individually, you can integrate selected databases and their resources at once during your AWS Account or Organization setup.

{% hint style="warning" %}
This capability requires network access to each discoverable database. If your databases are in different AWS networks, make sure to create an AWS connector for each network.
{% endhint %}

***

### Prerequisites

<table><thead><tr><th width="224">Item</th><th>Description</th></tr></thead><tbody><tr><td><strong>Apono Connector</strong></td><td><p>One or more <a href="../../apono-connector-for-aws">Apono connectors for AWS</a> with network access to your AWS RDS databases<br></p><p><strong>Minimum Required Version</strong>: 1.5.3</p><p><br>Follow these steps to <a href="../../apono-connector-for-aws/updating-a-connector-in-aws">update an existing connector</a>.</p></td></tr><tr><td><strong>AWS Permissions</strong></td><td><p>Permissions to complete the following tasks in your AWS instance:</p><ul><li>Create and manage AWS Secrets Store secrets</li><li>Tag RDS instances</li></ul></td></tr></tbody></table>

***

### Enable Auto Discovery

Follow these steps to enable Auto Discovery:

1. In your AWS RDS database instance, create a user for the Apono connector. As part of this step, you will also create a secret.
   * [RDS PostgreSQL](https://docs.apono.io/docs/aws-environment/rds-postgresql#create-an-aws-rds-postgresql-user)
   * [AWS RDS MySQL](https://docs.apono.io/docs/aws-environment/aws-rds-mysql#create-aws-rds-mysql-integration)
2. [Tag your database instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#Tagging.HowTo) based on the authentication method you selected in the previous step. In the tables below, the values shown in *italics* are the exact text you should enter when adding these tags.

<details>

<summary>IAM Authentication</summary>

<table><thead><tr><th width="290">Tag Key</th><th>Value or Description</th></tr></thead><tbody><tr><td><em>auth_type</em></td><td><em>iam-auth</em></td></tr><tr><td><em>apono-connector-id</em></td><td>ID of the Apono connector in the same AWS Account or AWS Organization as the database</td></tr></tbody></table>

</details>

<details>

<summary>Password Authentication</summary>

<table><thead><tr><th width="291">Tag Key</th><th>Value or Description</th></tr></thead><tbody><tr><td><em>auth_type</em></td><td><em>user-password</em></td></tr><tr><td><em>apono-connector-id</em></td><td>ID of the Apono connector in the same AWS Account or AWS Organization as the database</td></tr><tr><td><em>apono-secret</em></td><td>ARN of the secret containing the database credentials</td></tr><tr><td><em>region</em></td><td>AWS region where the secret is stored</td></tr></tbody></table>

</details>

3. In the Apono UI, on the [**Catalog**](https://app.apono.io/catalog?search=aws) tab, click **AWS**. The **Connect Integrations Group** page appears.
4. Under **Discovery**, click **Amazon Account** or **Amazon Organization**.
5. Under **Connect Sub Integration**, select **Database**, **Table**, and **Role** to control the granularity of discovery in each discovered instance.<br>

   <figure><img src="https://1094436629-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fv6MBfUGvblSdAz31yJXm%2Fuploads%2Fgit-blob-b90d2548397315fbd26493e5e60061f4f30f109c%2Faws-auto-discovery.png?alt=media" alt="" width="563"><figcaption><p>AWS RDS MySQL under Connect Sub Integration</p></figcaption></figure>
6. Complete the [Amazon Account](https://docs.apono.io/docs/aws-environment/aws-integrations/integrate-an-aws-account-or-organization/..#integration) or [Amazon Organization](https://docs.apono.io/docs/aws-environment/aws-integrations/integrate-an-aws-account-or-organization/..#integration-1) integration (steps **3-10**).

After connecting your AWS Account or AWS Organization to Apono, you will be redirected to the **Connected** tab to view your integrations. The new AWS integration, along with sub-integrations for each RDS instance, initialize during the first data fetch. The integration becomes **Active** once the process completes.

Now that you have completed this integration, you can [create access flows](https://docs.apono.io/docs/access-flows/access-flows) that grant permission to your AWS RDS resources.

***

### Troubleshooting <a href="#troubleshooting" id="troubleshooting"></a>

If RDS instances appear with errors on your **Integrations** page, follow these steps:

1. **Check Tags**: Verify all required tags are present and correctly formatted.
2. **Connector Permissions**: Ensure the Apono connector has necessary permissions to read tags and access secrets.
3. **Network connectivity**: Ensure each RDS instance is accessible by an Apono connector within the same network.

{% hint style="success" %}
For any questions about the discovery process, please contact Apono Support.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.apono.io/docs/aws-environment/aws-integrations/integrate-an-aws-account-or-organization/auto-discover-aws-rds-instances.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.