Starting October 10, 2022, ApsaraDB RDS for PostgreSQL instances use a new architecture in phases that improves operations and maintenance (O&M) efficiency and service stability. Creating your first instance under this architecture requires a one-time service-linked role (SLR) authorization.
If you call the CreateDBInstance operation to create an instance without completing SLR authorization first, a refund is triggered after payment. Complete SLR authorization before creating any instance.
Effective date
October 10, 2022
Description
When you create your first RDS for PostgreSQL instance under the new architecture, you must authorize the SLR using one of the following accounts:
An Alibaba Cloud account
A Resource Access Management (RAM) user with the
AliyunRAMFullAccesspolicy attached
The SLR grants ApsaraDB RDS for PostgreSQL permission to access Elastic Network Interface (ENI) resources and create a managed ENI on your behalf. The managed ENI allows your RDS instance to connect to other services within your virtual private cloud (VPC).
For more information about ENIs, see ENI overview.
How to authorize the SLR
Log in to the ApsaraDB RDS console and complete SLR authorization when prompted during instance creation.
For the authorization steps required when using the API, see Service-linked roles.
Usage notes
SLR authorization is required only once. After you authorize the SLR, all subsequent RDS for PostgreSQL instances are created without this step.
If you call the
CreateDBInstanceoperation to create an instance, complete SLR authorization before calling the operation. If you skip this step, a refund is triggered after payment.