Whenever a new database is created, best practices dictate that we should deploy alongside with it several users for several different activities. For example, a typical (at least to me) arrangement would sport at least these 6 database users:
- an administrative super-user (traditionally,
root) will be automatically created by RDS;
- between one and three users should be created for the application:
- a read-write,
- a read-only,
- a schema-owner user with grants to run DDL statements;
- a user for monitoring data collection;
- a role-user that will be used by developers when authenticating through IAM credentials into the database.
As you can see, there is a fair amount of database users that have to be present and managed in the database.
What strategies and best practices would you recommend I use to address user management of my databases across a relatively large fleet of database servers?