During installation, AppDynamics must create additional databases and users in the Aurora database for the AppDynamics Controller application to interact with the Aurora database server. 

To create the Aurora database:

  1. Create the Aurora database using admin as the primary username. 
  2. After the Aurora database instance is created successfully, log in to the ec2 instance as admin:

    mysql -u admin -h <rds-aurora-endpoint> -P 3388 -p
    CODE
  3. To create a new 'root' user, enter:

    CREATE USER 'root'@'%' IDENTIFIED BY 'controller';
    CODE
  4. To check for the grants of the primary username (admin), enter:

    mysql> SHOW GRANTS FOR admin;
    CODE

    Resulting output:

    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Grants for admin@%
    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, LOAD FROM S3, SELECT INTO S3, INVOKE LAMBDA ON *.* TO 'admin'@'%' WITH GRANT OPTION
    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
     1 row in set (0.00 sec)
    CODE


  5. Apply the grants (listed in the output) for the new root user that you created in Step 1. The root user will have the same grants as the admin user.

    mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, LOAD FROM S3, SELECT INTO S3, INVOKE LAMBDA ON *.* TO 'root'@'%' WITH GRANT OPTION
    CODE

    Resulting output:

    Query OK, 0 rows affected (0.01 sec)
    CODE
  6. Once the root user has the same privileges as the primary username admin, verify that you can log in to the database as root, and then continue with the installation.

    • If you do not have users "root@x.x.x.x" and "root@ip-x-x-x-x.ec2.internal", ignore these users and continue to work with the root@%.
    • If you have users "root@x.x.x.x" and "root@ip-x-x-x-x.ec2.internal", then instead of using the previous GRANT command, use this GRANT command:

      mysql> GRANT ALL ON `%`.* TO 'root'@'ip-x-x-x-x.ec2.internal' identified by 'controller' WITH GRANT OPTION;
      mysql> GRANT ALL ON `%`.* TO 'root'@'x.x.x.x' identified by 'controller' WITH GRANT OPTION;
      mysql> GRANT RELOAD ON *.* TO 'root'@'ip-x-x-x-x.ec2.internal' identified by 'controller' WITH GRANT OPTION;
      mysql> GRANT RELOAD ON *.* TO 'root'@'x.x.x.x' identified by 'controller' WITH GRANT OPTION;
      CODE

After installation, you can revoke the primary-level privileges from the Aurora root user without interfering with the Controller. However, primary-level privileges for Aurora root user are required prior to upgrading the Controller.