Logging in to your RDS Custom for Oracle database as SYS
After you create your RDS Custom DB instance, you can log in to your Oracle database as user
SYS, which gives you SYSDBA privileges. You have the following
login options:
-
Get the
SYSpassword from Secrets Manager, and specify this password in your SQL client. -
Use OS authentication to log in to your database. In this case, you don't need a password.
Finding the SYS password for your RDS Custom for Oracle database
Your can log in to your Oracle database as SYS or SYSTEM or
by specifying the master user name in an API call. The password for SYS and
SYSTEM is stored in Secrets Manager. The secret uses the naming format
do-not-delete-rds-custom-resource_id-uuid.
You can find the password using the AWS Management Console.
To find the SYS password for your database in Secrets Manager
Sign in to the AWS Management Console and open the Amazon RDS console at https://console.aws.amazon.com/rds/
. -
In the RDS console, complete the following steps:
-
In the navigation pane, choose Databases.
-
Choose the name of your RDS Custom for Oracle DB instance.
-
Choose Configuration.
-
Copy the value underneath Resource ID. For example, you resource ID might be db-ABC12CDE3FGH4I5JKLMNO6PQR7.
-
-
Open the Secrets Manager console at https://console.aws.amazon.com/secretsmanager/
. -
In the Secrets Manager console, complete the following steps:
-
In the left navigation pane, choose Secrets.
-
Filter the secrets by the resource ID that you copied in step 5.
-
Choose the secret named do-not-delete-rds-custom-
resource_id-uuid, whereresource_idis the resource ID that you copied in step 5. For example, if your resource ID is db-ABC12CDE3FGH4I5JKLMNO6PQR7, your secret will be named do-not-delete-rds-custom-db-ABC12CDE3FGH4I5JKLMNO6PQR7. -
In Secret value, choose Retrieve secret value.
-
In Key/value, copy the value for password.
-
-
Install SQL*Plus on your DB instance and log in to your database as
SYS. For more information, see Step 3: Connect your SQL client to an Oracle DB instance.
Logging in to your RDS Custom for Oracle database using OS authentication
The OS user rdsdb owns the Oracle database binaries. You can switch to
the rdsdb user and log in to your RDS Custom for Oracle database without a
password.
-
Connect to your DB instance with AWS Systems Manager. For more information, see Connecting to your RDS Custom DB instance using Session Manager.
-
In a web browser, go to https://www.oracle.com/database/technologies/instant-client/linux-x86-64-downloads.html
. -
For the latest database version that appears on the web page, copy the .rpm links (not the .zip links) for the Instant Client Basic Package and SQL*Plus Package. For example, the following links are for Oracle Database version 21.9:
-
https://download.oracle.com/otn_software/linux/instantclient/219000/oracle-instantclient-basic-21.9.0.0.0-1.el8.x86_64.rpm
-
https://download.oracle.com/otn_software/linux/instantclient/219000/oracle-instantclient-sqlplus-21.9.0.0.0-1.el8.x86_64.rpm
-
-
In your SSH session, run the
wgetcommand to the download the .rpm files from the links that you obtained in the previous step. The following example downloads the .rpm files for Oracle Database version 21.9:wget https://download.oracle.com/otn_software/linux/instantclient/219000/oracle-instantclient-basic-21.9.0.0.0-1.el8.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/219000/oracle-instantclient-sqlplus-21.9.0.0.0-1.el8.x86_64.rpm -
Install the packages by running the
yumcommand as follows:sudo yum install oracle-instantclient-*.rpm -
Switch to the
rdsdbuser.sudo su - rdsdb -
Log in to your database using OS authentication.
$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Wed Apr 12 20:11:08 2023 Version 21.9.0.0.0 Copyright (c) 1982, 2020, Oracle. All rights reserved. Connected to: Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production Version 19.10.0.0.0
