During installation, Splunk AppDynamics must create additional databases and users in the Aurora database for the Controller application to interact with the Aurora database server. 

To create the Aurora database:

  1. Create the Aurora database using admin as the primary username. 

  2. After the Aurora database instance is created successfully, log in to the ec2 instance as admin:

    mysql -u admin -h <rds-aurora-endpoint> -P 3388 -p
    CODE

  3. To create a new 'root' user, enter:

    CREATE USER 'root'@'%' IDENTIFIED BY 'controller';
    CODE

  4.  Grant SET_USER_ID privileges to root user:

    GRANT SET_USER_ID ON *.* TO 'root'@'%';
    CODE

  5. Apply the grants (listed in the output) for the new root user that you created in Step 1. The root user will have the same grants as the admin user.

    mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, LOAD FROM S3, SELECT INTO S3, INVOKE LAMBDA ON *.* TO 'root'@'%' WITH GRANT OPTION
    CODE

    Resulting output:

    Query OK, 0 rows affected (0.01 sec)
    CODE

  6. Once the root user has the above-mentioned privileges, verify that you are able to log in to the database  as the root user, and then continue with the installation.

    • If you do not have users "root@x.x.x.x" and "root@ip-x-x-x-x.ec2.internal", ignore these users and continue to work with the root@%.

    • If you have users "root@x.x.x.x" and "root@ip-x-x-x-x.ec2.internal", then instead of using the previous GRANT command, use this GRANT command:

      mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER,EVENT, TRIGGER, LOAD FROM S3, SELECT INTO S3, INVOKE LAMBDA ON *.* TO 'root'@'ip-x-x-x-x' WITH GRANT OPTION;

mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER,EVENT, TRIGGER, LOAD FROM S3, SELECT INTO S3, INVOKE LAMBDA ON *.* TO 'root'@'x.x.x.x' WITH GRANT OPTION;
      CODE

After installation, you can revoke the primary-level privileges from the Aurora root user without interfering with the Controller. However, primary-level privileges for Aurora root user are required prior to upgrading the Controller.