Connecting to your DB cluster using IAM authentication and the AWS SDK for Go
You can connect to an Aurora MySQL or Aurora PostgreSQL DB cluster with the AWS SDK for Go as described following.
Prerequisites
The following are prerequisites for connecting to your DB cluster using IAM authentication:
Examples
To run these code examples, you need the AWS SDK for Go
Modify the values of the following variables as needed:
-
dbName– The database that you want to access -
dbUser– The database account that you want to access -
dbHost– The endpoint of the DB cluster that you want to accessNote
You cannot use a custom Route 53 DNS record or an Aurora custom endpoint instead of the DB cluster endpoint to generate the authentication token.
-
dbPort– The port number used for connecting to your DB cluster -
region– The AWS Region where the DB cluster is running
In addition, make sure the imported libraries in the sample code exist on your system.
Important
The examples in this section use the following code to provide credentials that access a database from a local environment:
creds := credentials.NewEnvCredentials()
If you are accessing a database from an AWS service, such as Amazon EC2 or Amazon ECS, you can replace the code with the following code:
sess := session.Must(session.NewSession())
creds := sess.Config.Credentials
If you make this change, make sure you add the following import:
"github.com/aws/aws-sdk-go/aws/session"
Topics
Connecting using IAM authentication and the AWS SDK for Go V2
You can connect to a DB cluster using IAM authentication and the AWS SDK for Go V2.
The following code examples show how to generate an authentication token, and then use it to connect to a DB cluster.
This code connects to an Aurora MySQL DB cluster.
package main import ( "context" "database/sql" "fmt" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/feature/rds/auth" _ "github.com/go-sql-driver/mysql" ) func main() { var dbName string = "DatabaseName" var dbUser string = "DatabaseUser" var dbHost string = "mysqlcluster.cluster-123456789012.us-east-1.rds.amazonaws.com" var dbPort int =3306var dbEndpoint string = fmt.Sprintf("%s:%d", dbHost, dbPort) var region string = "us-east-1" cfg, err := config.LoadDefaultConfig(context.TODO()) if err != nil { panic("configuration error: " + err.Error()) } authenticationToken, err := auth.BuildAuthToken( context.TODO(), dbEndpoint, region, dbUser, cfg.Credentials) if err != nil { panic("failed to create authentication token: " + err.Error()) } dsn := fmt.Sprintf("%s:%s@tcp(%s)/%s?tls=true&allowCleartextPasswords=true", dbUser, authenticationToken, dbEndpoint, dbName, ) db, err := sql.Open("mysql", dsn) if err != nil { panic(err) } err = db.Ping() if err != nil { panic(err) } }
This code connects to an Aurora PostgreSQL DB cluster.
package main import ( "context" "database/sql" "fmt" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/feature/rds/auth" _ "github.com/lib/pq" ) func main() { var dbName string = "DatabaseName" var dbUser string = "DatabaseUser" var dbHost string = "postgresmycluster.cluster-123456789012.us-east-1.rds.amazonaws.com" var dbPort int =5432var dbEndpoint string = fmt.Sprintf("%s:%d", dbHost, dbPort) var region string = "us-east-1" cfg, err := config.LoadDefaultConfig(context.TODO()) if err != nil { panic("configuration error: " + err.Error()) } authenticationToken, err := auth.BuildAuthToken( context.TODO(), dbEndpoint, region, dbUser, cfg.Credentials) if err != nil { panic("failed to create authentication token: " + err.Error()) } dsn := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s", dbHost, dbPort, dbUser, authenticationToken, dbName, ) db, err := sql.Open("postgres", dsn) if err != nil { panic(err) } err = db.Ping() if err != nil { panic(err) } }
If you want to connect to a DB cluster through a proxy, see Connecting to a proxy using IAM authentication.
Connecting using IAM authentication and the AWS SDK for Go V1.
You can connect to a DB cluster using IAM authentication and the AWS SDK for Go V1
The following code examples show how to generate an authentication token, and then use it to connect to a DB cluster.
This code connects to an Aurora MySQL DB cluster.
package main import ( "database/sql" "fmt" "log" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/service/rds/rdsutils" _ "github.com/go-sql-driver/mysql" ) func main() { dbName := "app" dbUser := "jane_doe" dbHost := "mysqlcluster.cluster-123456789012.us-east-1.rds.amazonaws.com" dbPort :=3306dbEndpoint := fmt.Sprintf("%s:%d", dbHost, dbPort) region := "us-east-1" creds := credentials.NewEnvCredentials() authToken, err := rdsutils.BuildAuthToken(dbEndpoint, region, dbUser, creds) if err != nil { panic(err) } dsn := fmt.Sprintf("%s:%s@tcp(%s)/%s?tls=true&allowCleartextPasswords=true", dbUser, authToken, dbEndpoint, dbName, ) db, err := sql.Open("mysql", dsn) if err != nil { panic(err) } err = db.Ping() if err != nil { panic(err) } }
This code connects to an Aurora PostgreSQL DB cluster.
package main import ( "database/sql" "fmt" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/service/rds/rdsutils" _ "github.com/lib/pq" ) func main() { dbName := "app" dbUser := "jane_doe" dbHost := "postgresmycluster.cluster-123456789012.us-east-1.rds.amazonaws.com" dbPort :=5432dbEndpoint := fmt.Sprintf("%s:%d", dbHost, dbPort) region := "us-east-1" creds := credentials.NewEnvCredentials() authToken, err := rdsutils.BuildAuthToken(dbEndpoint, region, dbUser, creds) if err != nil { panic(err) } dsn := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s", dbHost, dbPort, dbUser, authToken, dbName, ) db, err := sql.Open("postgres", dsn) if err != nil { panic(err) } err = db.Ping() if err != nil { panic(err) } }
If you want to connect to a DB cluster through a proxy, see Connecting to a proxy using IAM authentication.
