No video
Spring boot connectivity to AWS RDS PostgreSQL using IAM | AWS Advanced JDBC Wrapper
Рет қаралды 6,877
Күн бұрынThis video will demonstrate how to connect a java spring boot application to an AWS Aurora RDS PostgreSQL database using IAM authentication without the need for database password. We will be using aws-advanced-jdbc-wrapper jdbc which will check and refresh the token whenever you establish a new connection or when the existing token has expired
Source Code: github.com/vis...
Commands used:
kubectl create sa my-sa
kubectl annotate serviceaccount my-sa eks.amazonaws.com/role-arn=arn:aws:iam::REPLACE_WITH_ACCOUNT_ID:role/pg-role
kubectl run -it multitool --image=praqma/network-multitool --overrides='{ "spec": { "serviceAccount": "my-sa" } }' -- bash
apk add postgresql
apk add postgresql-contrib
apk add openjdk17 --repository=dl-cdn.alpinel...
psql -h database-1.cluster-cabcdefg.us-east-1.rds.amazonaws.com -p 5432 -d demodb -U pgadmin
CREATE USER iamuser WITH LOGIN;
GRANT rds_iam TO iamuser;
References:
github.com/aws...
github.com/aws...
aws.amazon.com...
docs.aws.amazo...
aws.amazon.com...
truststore.pki...
@tattushenoi 4 ай бұрын
This is not working as of today. Error says certificate not found on path. What I tried. Downloaded the GitHub code as is, just changed the end point of db url in app properties. Built code, built docker, deployed on eks. Created role and policies correctly. Us east 2 region and us east 2 bundle pem certificate file.
@csamarnathreddy Ай бұрын
Is SSL mandatory to connect to RDS through IAM role?
@visa2learn Ай бұрын
No but its highly recommended for security reasons
@vjp00777 Жыл бұрын
Nice explanation.. thank you. It worked for me for IAM but i get an error for SSL. Unable to find valid certification path to requested target. Did u get this issue?
@visa2learn Жыл бұрын
Did you provide the certificate in the jdbc url? Also make sure the certificate actually exists for the driver to pick up
@tattushenoi 4 ай бұрын
Were you able to solve this? If yes can you pls say how?
@preethibabu9085 10 ай бұрын
Hi, Have you tried failover plugin in this wrapper?
@visa2learn 10 ай бұрын
Yes and it works :)
@preethibabu9085 10 ай бұрын
@@visa2learn it doesn't work for a global aurora cluster
@preethibabu9085 10 ай бұрын
I posted the question in the GitHub discussions of aws jdbc wrapper.. they said this feature currently doesn't work for global aurora cluster..
@visa2learn 10 ай бұрын
Thanks for the update. I had tried it with writer fail and one of the reader taking over and the application worked seamlessly. But as you said it might still be not supported for a global aurora cluster
@narasimhadevarapalli1741 Жыл бұрын
nice but I got ENDPOINT_PROVIDER field not configured issue.
@visa2learn Жыл бұрын
Never faced this error. Make sure you provide all the datasource related properties in your properties file
@narasimhadevarapalli1741 Жыл бұрын
@@visa2learn found AWS core dependency is missing..after adding it I didn't get endpoint provider issue. But now I'm getting PAM user authentication failed issue. Through IntelliJ I'm able to connect with IAM token though
@visa2learn Жыл бұрын
If it's working using IAM token using intellij, that means your user is setup correctly and connectivity is also fine. I would suggest you go through this troubleshooting link to see if you are missing any step for IAM role for service account. aws.amazon.com/premiumsupport/knowledge-center/eks-troubleshoot-oidc-and-irsa/
PuffPaw
Рет қаралды 4,1 МЛН
Valaxy Technologies
Рет қаралды 18 М.
Dev Problems
Рет қаралды 28 М.
Amazon Web Services
Рет қаралды 49 М.
Coding World
Рет қаралды 301