Commits on Nov 11, 2024

1. Initial pass adding AWS IAM Authentication brianmario#1263 …

   This adds AWS IAM authentication as a replacement for defining a
   password in the configuration.
   
   When the configuration option :use_iam_authentication = true, an
   authentication token (password) will be fetched from IAM and cached
   for the next 14 minutes (tokens expire in 15 minutes).  These can then
   be reused by all new connections until it expires, at which point a
   new token will be fetched when next needed.
   
   To allow for multiple Mysql2::Client configurations to multiple
   servers, the cache is keyed by database username, host name, port, and
   region.
   
   Two new configuration options are necessary:
   - :use_iam_credentials = true
   - :host_region is a string region name, e.g. 'us-east-1'.  If not set,
     ENV['AWS_REGION'] will be used.  If this is not present,
     authenticaiton will fail.
   
   As prerequisites, you must enable IAM authentication on the RDS
   instance, create an IAM policy, attach the policy to the target IAM
   user or role, create the database user set to use the AWS
   Authentication Plugin, and then run your ruby code using that user or
   role.  See
   https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.Connecting.html
   for details on these steps.
   
   You must include the aws-sdk-rds gem in your bundle to use this feature.

   

   matt-domsch-sp committed Nov 11, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for 5874883
   • Browse repository at this point

   Copy the full SHA

   5874883 View commit details

   Browse the repository at this point in the history

2. raise LoadError with message when aws-sdk-rds is not present

   

   matt-domsch-sp committed Nov 11, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for 000ac06
   • Browse repository at this point

   Copy the full SHA

   000ac06 View commit details

   Browse the repository at this point in the history