Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetRdsIamMysqlGorm ¶
func GetRdsIamMysqlGorm[AuthType authTypes]( ctx context.Context, input GetRdsIamMysqlGormInput[AuthType], ) (*gorm.DB, stackerr.Error)
GetRdsIamMysqlGorm gets a GORM DB using IAM authentication for an RDS cluster. It automatically sets the TLS configuration for RDS by loading the root certificates from AWS via HTTP.
Types ¶
type GetRdsIamMysqlGormInput ¶
type GetRdsIamMysqlGormInput[AuthType authTypes] struct { gormauth.GetMysqlGormInput MysqlConfig *mysql.Config AuthSettings AuthType }
GetRdsIamMysqlGormInput is an input that contains everything needed for a standard connection to an AWS RDS cluster with IAM authentication enabled.
type RdsIamAuth ¶
type RdsIamAuth struct { // The host of the primary cluster Host string `json:"host"` // The port to connect to the primary cluster Port int `json:"port"` // The username to connect with Username string `json:"username"` // The name of the database to connect to Database string `json:"database"` // This is the region that the database is in, not // that we're connecting from. If this field is not // provide, the connection function will attempt to // parse the region from the RDS host name. Region string `json:"region"` // The AWS config to use for authentication/credentials AwsConfig aws.Config }
RdsIamAuth is a struct that contains all of the information necessary for connecting to an AWS RDS cluster with IAM authentication. You can unmarshal JSON directly into this struct if you have a matching Secrets Manager secret or SSM Parameter, or you can set each field individually. If you unmarshal it from JSON, you must still set the AwsConfig field separately.
func (*RdsIamAuth) GetTokenGenerator ¶
func (ria *RdsIamAuth) GetTokenGenerator(baseCfg *mysql.Config) connectors.GetMysqlConfigCallback
GetReadOnlyTokenGenerator returns a generator function that generates RDS IAM auth tokens for use in new connections to the main/writer host specified in an RdsIamAuth struct.
type RdsIamAuthWithReadOnly ¶
type RdsIamAuthWithReadOnly struct { RdsIamAuth HostReadOnly string `json:"host_read_only"` // If this is empty, it will use the same port as the // write cluster. PortReadOnly int `json:"port_read_only"` // If this is empty, it will use the same username // as the write cluter. UsernameReadOnly string `json:"username_read_only"` }
RdsIamAuthWithReadOnly is an extension of RdsIamAuth that adds fields for separate read-only connections. This is useful since most managed RDS custers have read-only endpoints that support horizontal scaling.
func (*RdsIamAuthWithReadOnly) GetReadOnlyTokenGenerator ¶
func (ria *RdsIamAuthWithReadOnly) GetReadOnlyTokenGenerator(baseCfg *mysql.Config) connectors.GetMysqlConfigCallback
GetReadOnlyTokenGenerator returns a generator function that generates RDS IAM auth tokens for use in new connections to the read-only host specified in an RdsIamAuthWithReadOnly struct.