Details

    • Type: Sub-Task
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.4.1
    • Fix Version/s: 2.5.0
    • Component/s: aurora, authentication
    • Labels:
      None
    • Environment:
      AWS RDS

      Description

      AWS IAM Database Authentication is a great feature in AWS RDS Aurora. While MariaDB Connector/J already has great support for Aurora clustering, it does not yet have support for IAM authentication.

      In a nutshell, IAM Database Authentication allows authenticating with the database using AWS Identity and Access Management (IAM), instead of a password. In practice this allows for much easier, and arguably more secure, setup of AWS environments - like EC2, ECS, and Lambda - as passwords no longer need to be communicated to those environments. IAM is already built-in to these environments.

      Moreover, non-AWS environments (like developer machines) can have IAM credentials setup as well, which allows them to connect to their AWS RDS databases without passwords. See this for instructions

      The instructions for integrating a JDBC driver with AWS IAM Database Authentication are here: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.Connecting.Java.html

      Chances are a bunch of people have come up with their own ad-hoc integrations, duplicating each others' work. Moreover as mentioned in CONJ-518, it's difficult to get to work correctly with the pooling driver.

      I suggest we integrate AWS IAM authentication natively into the MariaDB driver. This feature could be as easy as a new option, something like awsIamAutentication=true in the URL.

      Any thoughts?

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              diego dupin Diego Dupin
              Reporter:
              sfishman Semyon Fishman
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: