Skip to content

Latest commit

 

History

History
86 lines (62 loc) · 3.9 KB

README.md

File metadata and controls

86 lines (62 loc) · 3.9 KB

Warning: beta-only - this driver has not been full tested beyond a simple connect and query

iam-postgresql-jdbc-driver

A JDBC Driver wrapped around the standard PostgreSQL JDBC Driver that provides IAM authentication for connecting to AWS PostgreSQL or AWS RDS for PostgreSQL, as described in IAM Database Authentication for MySQL and Amazon Aurora. See Example for Java

This code was forked from this original repository that is working for mysql.

Properties

This JDBC driver supports all the PostgreSQL JDBC Driver properties and an additional, required awsRegion driver property.

Note that for RDS, the PostgreSQL SSL properties must be set:

Property Description Example
awsRegion AWS region of target RDS instance eu-west-1
requireSSL Demand that SSL is used true
useSSL Prefer that SSL is used true

Amazon use their own CA for signing RDS certificates. Therefore, you may choose to skip validation:

Property Description Example
verifyServerCertificate Validate the database certificate false

or generate a JKS keystore:

wget https://s3.amazonaws.com/rds-downloads/rds-ca-2015-root.pem
keytool -import -file rds-ca-2015-root.pem -alias rds-ca-2015-root -keystore rds-ca-2015-root.jks

then add your jks keystore properties:

Property Description Example
trustCertificateKeyStoreUrl Trust store URL file:path/rds-ca-2015-root.jks
trustCertificateKeyStorePassword Trust store password changeme

Building

If you build the driver (recommended), then run maven with:

mvn package -Passembly

This way you will have a single JAR file containing all the dependencies, including the PostgreSQL driver and AWS SDK:

target/iam-jdbc-driver-1.1.1-SNAPSHOT-jar-with-dependencies.jar

If you download the ZIP file (iam-jdbc-driver-1.1.0.zip) from the release page, you must unpack it first and you must source and add the dependencies to your classpath. These are:

+- com.amazonaws:aws-java-sdk-core:jar:1.11.310
  +- commons-logging:commons-logging:jar:1.1.3
  +- org.apache.httpcomponents:httpclient:jar:4.5.5
  |  +- org.apache.httpcomponents:httpcore:jar:4.4.9
  |  \- commons-codec:commons-codec:jar:1.10
  +- software.amazon.ion:ion-java:jar:1.0.2
  +- com.fasterxml.jackson.core:jackson-databind:jar:2.6.7.1
  |  +- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.0
  |  \- com.fasterxml.jackson.core:jackson-core:jar:2.6.7
  +- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.6.7
  \- joda-time:joda-time:jar:2.8.1
- com.amazonaws:aws-java-sdk-rds:jar:1.11.310
  \- com.amazonaws:jmespath-java:jar:1.11.310
- postgresql:postgresql-connector-java:jar:42.2.5

Driver URL

Use jdbc:postgresqliam: in place of jdbc:postgresql: in the JDBC URL.

For example: jdbc:postgresqliam://host.cluster.region.rds.amazonaws.com:3306/database

Example

Properties properties = new Properties();
properties.setProperty("awsRegion", "eu-west-1");
properties.setProperty("requireSSL", "true");
properties.setProperty("user", "mydbuser");
properties.setProperty("useSSL", "true");
properties.setProperty("verifyServerCertificate", "false");
Connection connection = DriverManager.getConnection(JDBCDRIVER_URL, properties);