Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-952

Aurora IAM credentialType=AWS-IAM - Access denied for user (using password: YES)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Incomplete
    • 2.7.3
    • N/A
    • aurora
    • None
    • Java 11, Hikari Connection Pool, AWS

    Description

      We use MariaDB driver 2.7.3 & Hikari Datasource in the Java 11 application to connect to the AWS Aurora database. Intermittently we are getting Access denied to user
      (using password: YES) error in the error log files. The following is the JDBC URL used in the application.
      ```
      jdbc:mariadb:aurora://<DB writer endpoint>:port,<DB reader endpoint>:port/<DB name>?credentialType=AWS-IAM&useSSL=true&verifyServerCertificate=true&serverSslCert=rds-combined-ca-bundle.pem&autoReconnect=true&fastConnect=true&tcpNoDelay=true&socketTimeout=0
      ```

      credentialType=AWS-IAM will use the RDS token as the password. From the error message, it looks like the expired token is used to get a database connection by the MariaDB driver. Can you please check if this is a bug in the MariaDB driver? Let us know if there is anything else we need to do from an application end? These are the properties set from the application.

      spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
      spring.datasource.hikari.minimum-idle=5
      spring.datasource.hikari.maximum-pool-size=60
      spring.datasource.hikari.idle-timeout=600000
      spring.datasource.hikari.connection-timeout=3000
      spring.datasource.hikari.validation-timeout=1000
      spring.datasource.hikari.login-timeout=2000
      spring.datasource.hikari.max-lifetime=180000
      spring.datasource.hikari.data-source-properties.cachePrepStmts=true
      spring.datasource.hikari.data-source-properties.prepStmtCacheSize=1000
      spring.datasource.hikari.data-source-properties.prepStmtCacheSqlLimit=2048
      spring.datasource.hikari.data-source-properties.useServerPrepStmts=true

      Attachments

        Activity

          People

            diego dupin Diego Dupin
            lijubs Liju
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.