@aws-sdk/rds-signer

What is @aws-sdk/rds-signer?

@aws-sdk/rds-signer is an AWS SDK package that allows you to generate an authentication token for connecting to an Amazon RDS database. This token can be used in place of a password when connecting to the database, providing a secure way to authenticate without hardcoding credentials.

What are @aws-sdk/rds-signer's main functionalities?

Generate Authentication Token

This feature allows you to generate an authentication token for connecting to an Amazon RDS database. The token can be used in place of a password, providing a secure way to authenticate without hardcoding credentials.

const { RDSClient, CreateDBInstanceCommand } = require('@aws-sdk/client-rds');
const { RDSAuthTokenGenerator } = require('@aws-sdk/rds-signer');

const client = new RDSClient({ region: 'us-west-2' });
const signer = new RDSAuthTokenGenerator(client);

const authToken = signer.getAuthToken({
  hostname: 'mydbinstance.123456789012.us-west-2.rds.amazonaws.com',
  port: 3306,
  username: 'mydbuser'
});

console.log(`Generated Auth Token: ${authToken}`);

Other packages similar to @aws-sdk/rds-signer

mysql

The 'mysql' package is a popular Node.js client for MySQL databases. Unlike @aws-sdk/rds-signer, it does not provide functionality for generating authentication tokens for Amazon RDS. Instead, it focuses on providing a comprehensive API for interacting with MySQL databases.

pg

The 'pg' package is a PostgreSQL client for Node.js. Similar to the 'mysql' package, it does not offer token generation for Amazon RDS. It provides a robust API for interacting with PostgreSQL databases, including connection pooling and query execution.

sequelize

Sequelize is a promise-based Node.js ORM for various SQL databases, including MySQL, PostgreSQL, and SQLite. While it offers a higher-level abstraction for database interactions, it does not provide specific functionality for generating authentication tokens for Amazon RDS.

README

@aws-sdk/rds-signer

Description

This package provides utilities for interacting with RDS.

Installation

npm install @aws-sdk/rds-signer

Getting Started

Import

ES6 import

import { Signer } from "@aws-sdk/rds-signer";

Or CommonJS import

const { Signer } = require("@aws-sdk/rds-signer");

Generate Authentication Token for RDS IAM Authentication

const signer = new Signer({
  /**
   * Required. The hostname of the database to connect to.
   */
  hostname: "db.us-east-1.rds.amazonaws.com",
  /**
   * Required. The port number the database is listening on.
   */
  port: 8000,
  /**
   * Required. The username to login as.
   */
  username: "user1",
  /**
   * Optional. The AWS credentials to sign requests with. Uses the default credential provider chain in not specified.
   */
  credentials: fromNodeCredentialProvider(),
  /**
   * Optional. The region the database is located in. Uses the region inferred from the runtime if omitted.
   */
  region: "us-east-1",
  /**
   * Optional. The SHA256 hasher constructor to sign the request.
   */
  sha256: HashCtor,
});

const token = await signer.getAuthToken();
// Use this token as the password for connecting to your RDS instance

For more details and examples, refer to the following resources. Usage is similar across DB engines.

• Connecting to your DB instance using IAM authentication
• IAM database authentication for MySQL and PostgreSQL
• Using IAM authentication to connect with pgAdmin Amazon Aurora PostgreSQL or Amazon RDS for PostgreSQL
• Use IAM authentication to connect with SQL Workbench/J to Amazon Aurora MySQL or Amazon RDS for MySQL
• AWS CLI v2 rds generate-db-auth-token Documentation

Changelog

3.649.0 (2024-09-10)

Features

• client-cognito-identity: This release adds sensitive trait to some required shapes. (28a1dee)
• client-pipes: This release adds support for customer managed KMS keys in Amazon EventBridge Pipe (a0eda25)
• clients: update client endpoints as of 2024-09-10 (467fa98)
• endpoints: codegen sync for request creation performance improvements (#6449) (c8e8f28)