Amazon Aurora DSQL is provided as a Preview service.
To learn more, see Betas and Previews
Using the PostgreSQL protocol with Aurora DSQL
The following table shows how Aurora DSQL supports the PostgreSQL protocol
| PostgreSQL | Aurora DSQL | Notes |
|---|---|---|
| Role (aka User or Group) | Database Role | Aurora DSQL creates a role for you named admin. If you
create custom database roles, you must use the admin role to associate them with IAM
roles for authenticating when connecting to your cluster.
For more information, see Configure custom database roles. |
| Host (aka hostname or hostspec) | Cluster Endpoint | Aurora DSQL single region clusters provide a single managed endpoint and will automatically redirect traffic in case there’s any unavailability within the region. |
| Port | N/A - use default 5432 |
PostgreSQL default |
| Database (dbname) | use postgres |
Aurora DSQL creates this for you upon Cluster creation |
| SSL Mode | SSL is always enabled server-side | In Aurora DSQL, Aurora DSQL supports the require SSL Mode. Connections without
SSL will be rejected by Aurora DSQL. |
| Password | Authentication Token | Aurora DSQL requires temporary authentication tokens instead of long-lived passwords. To learn more, see Generating an authentication token in Amazon Aurora DSQL. |
You do not need to store credentials in the database because authentication is managed using IAM. An authentication token is a unique string of characters that is generated dynamically. Authentication tokens are generated using AWS Signature Version 4. The token is only used for authentication and doesn't affect the connection after it is established. If you try to re-connect using an expired token, the connection request is denied. For more information, see Generating an authentication token in Amazon Aurora DSQL.
