An AWS IAM database authentication token signer for RDS, implementing
RDS.Signer
for AWS SDK for JS v3
npm install --save aws-sdk-js-v3-rds-signer
This package provides an ES Module. Node.js 12.20 or later is required to import
it.
Construct a new Signer
, then call signer.getAuthToken()
to sign a token. Use the generated token as the password when connecting. A token will always be returned regardless of whether the principal is authorized to connect. If the principal is not authorized, the password will be rejected when attempting to connect to the database.
import { Signer } from 'aws-sdk-js-v3-rds-signer'
const signer = new Signer({
hostname: 'host',
port: 5432,
region: 'us-east-1',
username: 'me'
})
const token = await signer.getAuthToken()
console.log(token)
// #=> host:5432/...
All options supported by the Signer
constructor are also supported by the getAuthToken
method and will override the instance options for a specific token.
An RDS.Signer
class was included in the AWS SDK for JS v2. At the time this package was authored/published, v3 did not provide a high level Signer
implementation. This package implements one using the low level packages from SDK v3. If/when this functionality is included natively in the SDK, this package will be deprecated in favor of the official Amazon implementation.
MIT © Ben Drucker