Feature/aws iam authentication#12
Conversation
- Add @aws-sdk/rds-signer dependency for RDS auth token generation - Extend CLI arguments with --aws-iam-auth and --aws-region options - Implement automatic AWS RDS auth token generation in MySQL adapter - Auto-enable SSL for AWS IAM authentication (required by RDS) - Add comprehensive error handling for AWS credential issues - Update documentation with AWS IAM authentication examples - Maintain backward compatibility with existing authentication methods Resolves the need for secure AWS RDS connections without hardcoded passwords.
- Document requirement for AWS credentials configuration using default provider chain - Add examples for different credential configuration methods (aws configure, env vars, IAM roles) - Update both README.md and connection reference documentation - Clarify that RDS Signer uses default credential provider chain as per AWS documentation
executeautomation
left a comment
executeautomation
left a comment
There was a problem hiding this comment.
This looks great, thanks for an interesting PR. Love how it's addressing a problem which I didn't thought off !
| } | ||
|
|
||
| try { | ||
| console.error(`[INFO] Generating AWS auth token for region: ${this.awsRegion}, host: ${this.host}, user: ${this.config.user}`); |
There was a problem hiding this comment.
appropriately, should be console.info
There was a problem hiding this comment.
I agree, thanks for catching it @jrequioma
| }); | ||
|
|
||
| const token = await signer.getAuthToken(); | ||
| console.error(`[INFO] AWS auth token generated successfully`); |
There was a problem hiding this comment.
appropriately, should be console.info
There was a problem hiding this comment.
I agree, thanks for catching it @jrequioma
| */ | ||
| async init(): Promise<void> { | ||
| try { | ||
| console.error(`[INFO] Connecting to MySQL: ${this.host}, Database: ${this.database}`); |
There was a problem hiding this comment.
appropriately, should be console.info
|
|
||
| // Handle AWS IAM authentication | ||
| if (this.awsIamAuth) { | ||
| console.error(`[INFO] Using AWS IAM authentication for user: ${this.config.user}`); |
There was a problem hiding this comment.
appropriately, should be console.info
There was a problem hiding this comment.
I agree, thanks for catching it @jrequioma
| this.connection = await mysql.createConnection(this.config); | ||
| } | ||
|
|
||
| console.error(`[INFO] MySQL connection established successfully`); |
There was a problem hiding this comment.
appropriately, should be console.info
There was a problem hiding this comment.
I agree, thanks for catching it @jrequioma
executeautomation
left a comment
executeautomation
left a comment
There was a problem hiding this comment.
Please fix the issue mentioned by @jrequioma
thanks @jrequioma @executeautomation fixed |
|
Perfect ! |
executeautomation
merged commit f56a616
into
executeautomation:main
|
@executeautomation thanks for merging! |
|
@executeautomation would you please update the npm package as well? Thanks! |
5 participants
Add AWS IAM authentication support for MySQL
This PR adds AWS IAM database authentication for Amazon RDS MySQL instances, enabling secure connections without hardcoded passwords.
Changes:
--aws-iam-authand--aws-region@aws-sdk/rds-signerfor automatic token generationUsage:
Prerequisites:
AWS credentials must be configured via:
aws configure(default profile)AWS_PROFILE,AWS_ACCESS_KEY_ID, etc.)This enables secure AWS RDS connections using IAM authentication while maintaining full compatibility with existing MySQL authentication methods.