diff --git a/src/lib/db/aws-iam.ts b/src/lib/db/aws-iam.ts
index 97c50f48bc..6cdfa25c9c 100644
--- a/src/lib/db/aws-iam.ts
+++ b/src/lib/db/aws-iam.ts
@@ -16,7 +16,12 @@ export const getDBPasswordResolver = (db: IDBOption): PasswordResolver => {
 port: db.port,
 username: db.user,
 });
- return async () => signer.getAuthToken();
+ return async () => {
+ console.log('[AWS RDS SIGNER] Getting token...');
+ const token = await signer.getAuthToken();
+ console.log(`[AWS RDS SIGNER] Got token!`);
+ return token;
+ };
 }
 return async () => db.password;
diff --git a/src/lib/db/db-access-checker.ts b/src/lib/db/db-access-checker.ts
new file mode 100644
index 0000000000..ea4e094444
--- /dev/null
+++ b/src/lib/db/db-access-checker.ts
@@ -0,0 +1,33 @@
+import { Client } from 'pg';
+import type { IDBOption, Logger } from '../server-impl.js';
+import { getDBPassword } from './aws-iam.js';
+
+export const dbAccessChecker = async (db: IDBOption, logger: Logger) => {
+ if (!db.awsIamAuth) return;
+
+ logger.info(
+ 'Using AWS IAM authentication for database connection. Checking DB access...',
+ );
+
+ const password = await getDBPassword(db);
+
+ const client = new Client({
+ host: db.host,
+ port: db.port,
+ user: db.user,
+ database: db.database,
+ password,
+ statement_timeout: 10_000,
+ connectionTimeoutMillis: 10_000,
+ });
+ try {
+ await client.connect();
+ await client.query('SELECT 1');
+ logger.info('DB auth/connection successful');
+ } catch (e: any) {
+ const code = e?.code ?? 'unknown';
+ throw new Error(`DB auth/connection failed (pg code: ${code})`);
+ } finally {
+ await client.end().catch(() => {});
+ }
+};
diff --git a/src/lib/server-impl.ts b/src/lib/server-impl.ts
index 78c6d261bc..54b4809086 100644
--- a/src/lib/server-impl.ts
+++ b/src/lib/server-impl.ts
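Review bot: The two added `console.log` calls in the resolver returned by `getDBPasswordResolver` bypass the application's configured logger, so they ignore log level and format and print every time the resolver is invoked. They do keep the token value itself out of the output, which must stay that way because the token is a database credential. If these are temporary diagnostics, drop them before merge; otherwise route them through a logger at debug level, which would have to be passed in since none is in scope in the visible lines. A rejected `getAuthToken()` also leaves a lone 'Getting token...' line with no matching failure entry. The function body starts and ends outside this hunk.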
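Review bot: The `Client` built in `dbAccessChecker` receives host, port, user, database and password but no `ssl` option, so this preflight may not connect the way the real pool does. RDS IAM authentication expects a TLS connection, and here the IAM token is sent as the password. If `IDBOption` carries TLS settings (its shape is not visible in this diff), pass them through pg's `ssl` option so the check exercises the same path and the token is never offered over a plaintext connection. Separately, `catch (e: any)` reduces every failure to `e?.code`, which may be absent on some errors (a TLS failure, say) and then reports only `unknown`. Using `catch (e: unknown)` with narrowing and `throw new Error(message, { cause: e })`, where the compile target allows it, would keep the original error for operators without placing connection details in the message.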
@@ -186,6 +186,7 @@ import { UPDATE_REVISION } from './features/feature-toggle/configuration-revisio
 import type { IFeatureUsageInfo } from './services/version-service.js';
 import { defineImpactMetrics } from './features/metrics/impact/define-impact-metrics.js';
 import type { IClientInstance } from './types/stores/client-instance-store.js';
+import { dbAccessChecker } from './db/db-access-checker.js';
 export async function initialServiceSetup(
 { authentication }: Pick,
@@ -336,6 +337,10 @@ async function start(
 const config = createConfig(opts);
 const logger = config.getLogger('server-impl.js');
+ if (config.db.awsIamAuth) {
+ await dbAccessChecker(config.db, logger);
+ }
+
 try {
 if (config.db.disableMigration) {
 logger.info('DB migration: disabled');
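Review bot: The `await dbAccessChecker(config.db, logger)` call in `start` sits above the `try {`, so a failed check rejects `start()` without passing through whatever handling that `try` provides for the migration step. Its `catch` lies outside this hunk, so this is inferred. If aborting startup here is intended, say so with a comment such as `// Fail fast: abort startup before migrations when IAM auth to the DB does not work`. The surrounding `if (config.db.awsIamAuth)` duplicates the early return at the top of `dbAccessChecker`, so one of the two guards can be removed.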