@aws-sdk/rds-signer

What is @aws-sdk/rds-signer?

@aws-sdk/rds-signer is an AWS SDK package that allows you to generate an authentication token for connecting to an Amazon RDS database. This token can be used in place of a password when connecting to the database, providing a secure way to authenticate without hardcoding credentials.

What are @aws-sdk/rds-signer's main functionalities?

Generate Authentication Token

This feature allows you to generate an authentication token for connecting to an Amazon RDS database. The token can be used in place of a password, providing a secure way to authenticate without hardcoding credentials.

const { RDSClient, CreateDBInstanceCommand } = require('@aws-sdk/client-rds');
const { RDSAuthTokenGenerator } = require('@aws-sdk/rds-signer');

const client = new RDSClient({ region: 'us-west-2' });
const signer = new RDSAuthTokenGenerator(client);

const authToken = signer.getAuthToken({
  hostname: 'mydbinstance.123456789012.us-west-2.rds.amazonaws.com',
  port: 3306,
  username: 'mydbuser'
});

console.log(`Generated Auth Token: ${authToken}`);

Other packages similar to @aws-sdk/rds-signer

mysql

The 'mysql' package is a popular Node.js client for MySQL databases. Unlike @aws-sdk/rds-signer, it does not provide functionality for generating authentication tokens for Amazon RDS. Instead, it focuses on providing a comprehensive API for interacting with MySQL databases.

pg

The 'pg' package is a PostgreSQL client for Node.js. Similar to the 'mysql' package, it does not offer token generation for Amazon RDS. It provides a robust API for interacting with PostgreSQL databases, including connection pooling and query execution.

sequelize

Sequelize is a promise-based Node.js ORM for various SQL databases, including MySQL, PostgreSQL, and SQLite. While it offers a higher-level abstraction for database interactions, it does not provide specific functionality for generating authentication tokens for Amazon RDS.

README

@aws-sdk/rds-signer

Description

This package provides utilities for interacting with RDS.

Installation

npm install @aws-sdk/rds-signer

Getting Started

Import

ES6 import

import { Signer } from "@aws-sdk/rds-signer";

Or CommonJS import

const { Signer } = require("@aws-sdk/rds-signer");

Generate Authentication Token for RDS IAM Authentication

const signer = new Signer({
  /**
   * Required. The hostname of the database to connect to.
   */
  hostname: "db.us-east-1.rds.amazonaws.com",
  /**
   * Required. The port number the database is listening on.
   */
  port: 8000,
  /**
   * Required. The username to login as.
   */
  username: "user1",
  /**
   * Optional. The AWS credentials to sign requests with. Uses the default credential provider chain in not specified.
   */
  credentials: fromNodeCredentialProvider(),
  /**
   * Optional. The region the database is located in. Uses the region inferred from the runtime if omitted.
   */
  region: "us-east-1",
  /**
   * Optional. The SHA256 hasher constructor to sign the request.
   */
  sha256: HashCtor,
});

const token = await signer.getAuthToken();
// Use this token as the password for connecting to your RDS instance

For more details and examples, refer to the following resources. Usage is similar across DB engines.

• Connecting to your DB instance using IAM authentication
• IAM database authentication for MySQL and PostgreSQL
• Using IAM authentication to connect with pgAdmin Amazon Aurora PostgreSQL or Amazon RDS for PostgreSQL
• Use IAM authentication to connect with SQL Workbench/J to Amazon Aurora MySQL or Amazon RDS for MySQL
• AWS CLI v2 rds generate-db-auth-token Documentation

Changelog

3.696.0 (2024-11-19)

Features

• client-b2bi: Add new X12 transactions sets and versions (cb3d07b)
• client-ec2: This release adds VPC Block Public Access (VPC BPA), a new declarative control which blocks resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. (7905a8e)
• client-ecs: This release introduces support for configuring the version consistency feature for individual containers defined within a task definition. The configuration allows to specify whether ECS should resolve the container image tag specified in the container definition to an image digest. (d632c0c)
• client-efs: Add support for the new parameters in EFS replication APIs (1f77893)
• client-glue: AWS Glue Data Catalog now enhances managed table optimizations of Apache Iceberg tables that can be accessed only from a specific Amazon Virtual Private Cloud (VPC) environment. (844a1da)
• client-keyspaces: Amazon Keyspaces Multi-Region Replication: Adds support to add new regions to multi and single-region keyspaces. (9c30b3a)
• client-mwaa: Amazon MWAA now supports a new environment class, mw1.micro, ideal for workloads requiring fewer resources than mw1.small. This class supports a single instance of each Airflow component: Scheduler, Worker, and Webserver. (a64d4bb)
• client-taxsettings: Release Tax Inheritance APIs, Tax Exemption APIs, and functionality update for some existing Tax Registration APIs (da73fe5)
• client-workspaces: Releasing new ErrorCodes for Image Validation failure during CreateWorkspaceImage process (5649e47)
• clients: update client endpoints as of 2024-11-19 (3a63d0b)