Aws Iam Authentication with Mariadb (Assuming role) #902
chaseaunderwood
started this conversation in
General
Replies: 1 comment
-
|
Hi @chaseaunderwood, thank you for reaching out. Could you please verify if I understood your usecase correctly? I made the following assumptions:
If my understanding is correct, you can try using AwsCredentialsManager to assume role on your other account, here is an example: try (StsClient stsClient = StsClient.builder()
.region(REGION)
.build()) {
final AssumeRoleRequest request = AssumeRoleRequest.builder()
.roleArn("arnForRoleOnAccountB")
.roleSessionName("iam")
.build();
AwsCredentialsManager.setCustomHandler((hostSpec, props) -> StsAssumeRoleCredentialsProvider.builder()
.refreshRequest(request)
.stsClient(stsClient)
.build());
final Properties mysqlProps = new Properties();
mysqlProps.setProperty("wrapperPlugins", "iam");
mysqlProps.setProperty("user", "iamUserOnAccountB");
try (Connection conn = DriverManager.getConnection(
"jdbc:aws-wrapper:mysql://database-mysql.cluster-xyz.REGION.rds.amazonaws.com:3306/db", mysqlProps);
Statement statement = conn.createStatement();
ResultSet result = statement.executeQuery("SELECT @@aurora_server_id")) {
if (result.next()) {
System.out.println(result.getString(1));
}
}
} |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I have gotten your code here (examples/AWSDriverExample/src/main/java/software/amazon/AwsIamAuthenticationMariadbExample.java) to work when I am trying to access a database that is on the same AWS account as my user.
What I am trying to do now is access a database on another account by assuming a role on that account. I believe I have all the permissions set up correctly, but I am not sure your wrapper supports this. Could I get some insight on that?
Beta Was this translation helpful? Give feedback.
All reactions