Skip to main content

AWS RDS IAM DB Authentication

Create AWS RDS MySQL DB:

 
aws rds create-db-instance \
    --db-instance-identifier test-mysql-instance \
    --db-instance-class db.t3.micro \
    --engine mysql \
    --master-username admin \
    --master-user-password secret99 \
    --allocated-storage 20 \
    --enable-iam-database-authentication
Create user in DB as follows: 
CREATE USER jane_doe IDENTIFIED WITH AWSAuthenticationPlugin AS 'RDS';
Connect to MySQL DB using IAM DB Authentication: 
RDSHOST="test-mysql-instance.abcdef123456.us-west-2.rds.amazonaws.com"
TOKEN="$(aws rds generate-db-auth-token --hostname $RDSHOST --port 3306 --region us-west-2 --username jane_doe )"
mysql --host=$RDSHOST --port=3306 --ssl-ca=[file_path]/global-bundle.pem --enable-cleartext-plugin --user=jane_doe --password=$TOKEN
Link to download certificate:
https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
Note:
IAM DB Authentication works with PostgreSQL and MySQL.

Comments

Post a Comment

Popular posts from this blog

How to install/upgrade/downgrade kubectl in Linux (Ubuntu)?

To install the latest version: curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" echo "$(<kubectl.sha256) kubectl" | sha256sum --check sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl kubectl version --client kubectl version To install a specific (v1.19.0) version: curl -LO "https://dl.k8s.io/release/v1.19.0/bin/linux/amd64/kubectl" curl -LO "https://dl.k8s.io/v1.19.0/bin/linux/amd64/kubectl.sha256" echo "$(<kubectl.sha256) kubectl" | sha256sum --check sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl kubectl version --client kubectl version This will install kubectl client. Run minikube start to install kubectl server.
Post a Comment
Read more

Application Load Balancer (ALB)

The ALB spans all subnets in a VPC i.e., it is not inside a subnet but VPC. ALB is bound to Target Groups (TGs). TGs are bound to subnets.
Post a Comment
Read more