Hello,
I am working with a company on their database administration. I am trying to get up to speed with managing a database environment using AWS (EC2 and RDS).
In all of my past experience (on prim, VMs, Azure,etc.), I put the service account used for SQL Server service into the local administration group. This allows for local policy permissions like log on as a service and a few other permissions. I also am able to get permissions for the drives.
Now, in an AWS environment, it was brought to my attention, that we no longer put the service account in the local admin group. We apply the permissions on several components of the server individually (permissions to the drives, local policy permissions, etc)
Does anyone work in an AWS environment? Do you add the service account for SQL Server service into the local admin group? Just trying to confirm best practice.
Thanks.
Things will work out. Get back up, change some parameters and recode.