如何使用AWS IAM身份验证从Java/Spring应用程序连接到AWS RDS MySQL? [英] How do I connect to AWS RDS MySQL from Java/Spring application using AWS IAM Authentication?
问题描述
我是AWS世界的新手,并且仍在学习中.我尝试事情只有一个月.
I am new to AWS world and still learning. It's been only a month that I am trying things.
我已经找了好几天了,却找不到正确,更合适的解决方案.因此,如果有人可以通过提供示例代码,提供一些指针或正确方向的指导来帮助我,那就太好了.
I have been looking for it for quite a few days now and haven't been able to find a correct and more appropriate solution. Therefore it would be great if somebody can help me by giving a sample code, provide some pointer or guide in the right direction.
我有一个 AWS RDS MySQL 实例和一个数据库.我已将"启用了IAM DB AUthentication "设置为是".
I have a AWS RDS MySQL instance and a database created. I have configured "IAM DB AUthentication Enabled" to "Yes".
根据AWS文档创建了 IAM角色和政策.
Created an IAM Role and Policy as per AWS documentation.
最后,我在Tomcat中有一个 EC2实例,其中部署了我的 Java/Spring应用程序并在其中运行.我能够使用数据库凭据(例如db用户名,密码,db url等)成功访问MySQL数据库.所以我知道现在一切都已正确设置.
And finally, I have an EC2 instance with Tomcat with my Java/Spring application deployed and running in it. I am able to access the MySQL database using database credentials (like db user name, password, db url, etc.) successfully. So I know things are setup properly now.
有人可以帮助我知道如何使用 spring-jdbc 和 AWS IAM身份验证(我在上面创建的IAM角色)从Java/Spring应用程序连接到该数据库.)?
Can somebody please help me know how to connect to this database from my Java/Spring application using spring-jdbc and AWS IAM Authentication (the IAM role I created above)?
我在某处阅读到我的应用程序环境中需要证书文件或证书捆绑文件,并且需要生成一个令牌才能连接到数据库.但是我无法考虑如何将其组合在一起.
I read somewhere that I need the certificate file or certificate bundle file in my application environment and that I need to generate a token to be connected to the database. But I am not able to think on how to put it together.
任何帮助将不胜感激.
谢谢.
推荐答案
我最近有一个类似的问题.
I had a similar problem recently.
这就是我所做的:
- 包含的Spring Cloud AWS JDBC和Spring Data JPA
- 实现了自定义DataSourceFactory,该数据源将生成IAM访问令牌并将其用于连接
You can find a full step-by-step guide here.
顺便说一句,Spring Cloud AWS JDBC提供了一些其他好处,例如只读副本或故障转移支持,您只需要提供RDS实例的实例ID,而不必提供完整的规范端点.
Btw., Spring Cloud AWS JDBC provides some additional benefits, like read replica or failover support, and you only have to provide the instance ID of your RDS instance, and not the full canonical endpoint.
这篇关于如何使用AWS IAM身份验证从Java/Spring应用程序连接到AWS RDS MySQL?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
