diff --git a/src/lib/db/aws-iam.ts b/src/lib/db/aws-iam.ts
index 03da0e57a9..97c50f48bc 100644
--- a/src/lib/db/aws-iam.ts
+++ b/src/lib/db/aws-iam.ts
@@ -14,14 +14,9 @@ export const getDBPasswordResolver = (db: IDBOption): PasswordResolver => {
             region: db.awsRegion,
             hostname: db.host,
             port: db.port,
-            username: process.env.DATABASE_USERNAME || db.user,
+            username: db.user,
         });
-        return async () => {
-            console.log('[AWS RDS SIGNER] Getting token...');
-            const token = await signer.getAuthToken();
-            console.log(`[AWS RDS SIGNER] Got token: ${token}`);
-            return token;
-        };
+        return async () => signer.getAuthToken();
     }
 
     return async () => db.password;
diff --git a/src/lib/db/db-pool.ts b/src/lib/db/db-pool.ts
index 16e32275dc..244a7c7fa8 100644
--- a/src/lib/db/db-pool.ts
+++ b/src/lib/db/db-pool.ts
@@ -9,20 +9,11 @@ export function createDb({
     getLogger,
 }: Pick<IUnleashConfig, 'db' | 'getLogger'>): Knex {
     const logger = getLogger('db-pool.js');
-
-    logger.info(
-        `createDb: iam=${Boolean(db.awsIamAuth)} host=${db.host} port=${db.port} db=${db.database} user=${process.env.DATABASE_USERNAME || db.user} ssl=${Boolean(db.ssl)}`,
-    );
-
-    const { password, ...logDb } = db;
-    logger.info(`createDb (DB): ${JSON.stringify(logDb, undefined, 2)}`);
-
     return knex({
         client: 'pg',
         version: db.version,
         connection: {
             ...db,
-            user: process.env.DATABASE_USERNAME || db.user,
             application_name: db.applicationName,
             password: getDBPasswordResolver(db),
         },
diff --git a/src/migrator.ts b/src/migrator.ts
index 8543cefb98..37fdb88756 100644
--- a/src/migrator.ts
+++ b/src/migrator.ts
@@ -6,6 +6,7 @@ import type { IUnleashConfig } from './lib/types/option.js';
 import { secondsToMilliseconds } from 'date-fns';
 import path from 'path';
 import { fileURLToPath } from 'node:url';
+import { getDBPassword } from './lib/db/aws-iam.js';
 
 log.setLogLevel('error');
 const __filename = fileURLToPath(import.meta.url);
@@ -22,9 +23,11 @@ export async function migrateDb(
     { db }: Pick<IUnleashConfig, 'db'>,
     stopAt?: string,
 ): Promise<void> {
+    const password = await getDBPassword(db);
     return noDatabaseUrl(async () => {
         const custom = {
             ...db,
+            password,
             connectionTimeoutMillis: secondsToMilliseconds(10),
         };
 
@@ -43,9 +46,11 @@ export async function migrateDb(
 export async function requiresMigration({
     db,
 }: Pick<IUnleashConfig, 'db'>): Promise<boolean> {
+    const password = await getDBPassword(db);
     return noDatabaseUrl(async () => {
         const custom = {
             ...db,
+            password,
             connectionTimeoutMillis: secondsToMilliseconds(10),
         };
 
@@ -64,9 +69,11 @@ export async function requiresMigration({
 
 // This exists to ease testing
 export async function resetDb({ db }: IUnleashConfig): Promise<void> {
+    const password = await getDBPassword(db);
     return noDatabaseUrl(async () => {
         const custom = {
             ...db,
+            password,
             connectionTimeoutMillis: secondsToMilliseconds(10),
         };