AWS Certified Database – Specialty — Question 311

A software company uses an Amazon RDS for MySQL Multi-AZ DB instance as a data store for its critical applications. During an application upgrade process, a database specialist runs a custom SQL script that accidentally removes some of the default permissions of the master user.
What is the MOST operationally efficient way to restore the default permissions of the master user?

Answer options

• A. Modify the DB instance and set a new master user password.
• B. Use AWS Secrets Manager to modify the master user password and restart the DB instance.
• C. Create a new master user for the DB instance.
• D. Review the IAM user that owns the DB instance, and add missing permissions.

Correct answer: A

Explanation

In Amazon RDS, modifying the database instance to set a new password for the master user automatically restores any lost default privileges for that account. This built-in recovery mechanism is the most operationally efficient way to resolve the issue without needing to recreate users or modify IAM policies. Other options, such as using AWS Secrets Manager or modifying IAM roles, will not restore the database-level permissions of the master user.