Hi
I am trying to implement RDS IAM authentication using node.js. For that, I have followed these steps
Hi
I am trying to implement AWS RDS IAM authentication using node.js. For that, I have followed these steps
- Create a publicly accessible RDS Mysql database
- In security group, I have port number 3306 with CIDR = 0.0.0.0/0
- Enable IAM authentication in RDS.
- Open mySQL shell
- change the mode to mysql mode using \sql command
- Connect to mysql instance using the command
\connect <UserName>@<HostName>
enter the password to connect
- Execute the following commands
CREATE USER test_user IDENTIFIED WITH AWSAuthenticationPlugin AS 'RDS';
ALTER USER 'test_user'@'%' REQUIRE SSL;
- In IAM, create a user with the name "test_user".
- Create IAM user with same name as database user
- Attach the following policy with the user
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds-db:connect"
],
"Resource": [
"<database ARN>/test_user"
]
}
]
}
-
Open node.js command prompt and install aws-sdk and mysql plugins using the following command.
npm install aws-sdk
npm install mysql
-
Open notepad and write the following node.js code
var mysql = require('mysql');
var AWS = require("aws-sdk");
const signerOptions = {
region: <region>,
hostname: <host>,
port: 3306,
username: 'test_user'
}
const signer = new AWS.RDS.Signer(signerOptions)
const token = signer.getAuthToken()
var connection = mysql.createConnection({
host: <host>,
user: 'test_user',
password: token,
ssl: 'Amazon RDS',
port: 3306
});
connection.connect(function (err) {
if (err) {
console.error('Database connection failed: ' + err.stack);
return;
}
console.log('Connected to database.');
});
connection.end();
When I run the code, I am getting this error
"Database connection failed: Error: ER_NOT_SUPPORTED_AUTH_MODE: Client does not support authentication protocol requested by server; consider upgrading MySQL client"
For that, I have executed the following command in mysql shell.
UPDATE mysql.user SET plugin = 'test1234' WHERE User = 'test_user' AND Host = '<host>';
FLUSH PRIVILEGES;
ALTER USER test_user IDENTIFIED WITH mysql_native_password BY 'test1234';
But now, I am getting the error
Access denied for test_user@<IP address of my laptop>
Please help me