项目作者: rikturnbull

项目描述 :
A JDBC Driver wrapped around the MySQL JDBC Driver for AWS IAM authentication
高级语言: Java
项目地址: git://github.com/rikturnbull/iam-jdbc-driver.git
创建时间: 2018-04-17T20:04:06Z
项目社区:https://github.com/rikturnbull/iam-jdbc-driver

开源协议:MIT License

下载


Warning: beta-only - this driver has not been full tested beyond a simple connect and query

iam-jdbc-driver

A JDBC Driver wrapped around the standard MySQL JDBC Driver that provides IAM authentication for connecting to AWS Aurora MySQL or AWS RDS for MySQL, as described in IAM Database Authentication for MySQL and Amazon Aurora.

Properties

This JDBC driver supports all the MySQL JDBC Driver properties and an additional, required awsRegion driver property.

Note that for RDS, the MySQL SSL properties must be set:

Property Description Example
awsRegion AWS region of target RDS instance eu-west-1
requireSSL Demand that SSL is used true
useSSL Prefer that SSL is used true

Amazon use their own CA for signing RDS certificates. Therefore, you may choose to skip validation:

Property Description Example
verifyServerCertificate Validate the database certificate false

or generate a JKS keystore:

  1. wget https://s3.amazonaws.com/rds-downloads/rds-ca-2015-root.pem
  2. keytool -import -file rds-ca-2015-root.pem -alias rds-ca-2015-root -keystore rds-ca-2015-root.jks

then add your jks keystore properties:

Property Description Example
trustCertificateKeyStoreUrl Trust store URL file:path/rds-ca-2015-root.jks
trustCertificateKeyStorePassword Trust store password changeme

Building

If you build the driver (recommended), then run maven with:

mvn package -Passembly

This way you will have a single JAR file containing all the dependencies, including the MySQL driver and AWS SDK:

  1. If you download the ZIP file (`iam-jdbc-driver-1.1.0.zip`) from the release page, you must unpack it first and you must source and add
  2. the dependencies to your classpath. These are:

+- com.amazonaws:aws-java-sdk-core:jar:1.11.310
+- commons-logging:commons-logging:jar:1.1.3
+- org.apache.httpcomponents:httpclient:jar:4.5.5
| +- org.apache.httpcomponents:httpcore:jar:4.4.9
| - commons-codec:commons-codec:jar:1.10
+- software.amazon.ion:ion-java:jar:1.0.2
+- com.fasterxml.jackson.core:jackson-databind:jar:2.6.7.1
| +- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.0
| - com.fasterxml.jackson.core:jackson-core:jar:2.6.7
+- com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:jar:2.6.7
- joda-time:joda-time:jar:2.8.1

  • com.amazonaws:aws-java-sdk-rds:jar:1.11.310
    - com.amazonaws:jmespath-java:jar:1.11.310
  • mysql:mysql-connector-java:jar:5.1.46
    ```

Driver URL

Use jdbc:mysqliam: in place of jdbc:mysql: in the JDBC URL.

For example: jdbc:mysqliam://host.cluster.region.rds.amazonaws.com:3306/database

Example

  1. Properties properties = new Properties();
  2. properties.setProperty("awsRegion", "eu-west-1");
  3. properties.setProperty("requireSSL", "true");
  4. properties.setProperty("user", "mydbuser");
  5. properties.setProperty("useSSL", "true");
  6. properties.setProperty("verifyServerCertificate", "false");
  7. Connection connection = DriverManager.getConnection(JDBCDRIVER_URL, properties);