How to use AWS RDS token authentication with MySQL?

[Kevin Tran]

My database is set up to use AWS RDS IAM DB authentication token https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html

For MySQL this requires doing this

```

TOKEN="$(aws rds generate-db-auth-token --hostname mydb.us-east-1.rds.amazonaws.com --port 3306 --region us-east-1 --username Kevin)"

mysql --host=mydb.us-east-1.rds.amazonaws.com --port=3306 --enable-cleartext-plugin --user=Kevin --password=$TOKEN dbname

```

I want to use sqitch with this database, but I don't know how to make sqitch call mysql with "--enable-cleartext-plugin".  Is there a place to put this option?

Thanks,

Kevin

[Dimitriy Khlevnyak]

Each token has a lifetime of 15 minutes.

Are you sure it's enough for db deployment?

--
You received this message because you are subscribed to the Google Groups "Sqitch Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sqitch-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sqitch-users/37f0df46-16b0-43ce-9727-bcb4b4566049n%40googlegroups.com.

--

Regards,
Dmytro Kh.

[Kevin Tran]

Ah good point.  For many migrations 15 minutes will not be long enough.  My confusion was more related to wondering why sqitch doesn't have a way to pass MySQL arugments.  IAM DB authentication seems to not be the way to run migrations.  I guess it's meant as a way for applications to connect, and just process a request for a few seconds.  Running migrations or other long running processes will require at least a username/password.