using aws credentials manager for aws rds database

Question

I have a general question for the rds feature within aws credentials manager. When I get the secret, it looks like this:

Does this mean that these credentials directly will work or is the password encrypted? Like if I wanted to sign into my database with a connection what credentials do I use and do these credentials auto rotate with the cycling feature?

Answer 1

I assume you mean the RDSDataClient to access a database such as a Serverless Amazon Aurora instance.

To successfully connect to the database using the RdsDataClient object, you must setup an AWS Secrets Manager secret that is used for authentication. For information, see Rotate Amazon RDS database credentials automatically with AWS Secrets Manager.

To see an AWS tutorial that shows this concept and the corresponding code, see this example that uses the AWS SDK for Kotlin. You will need these values to make a successful connection:

  private val secretArnVal = "<Enter the secret manager ARN>"
  private val resourceArnVal =  "<Enter the database ARN>" ;

See the full example here:

Creating the Serverless Amazon Aurora item tracker application using the Kotlin RdsDataClient API

I just tested this again (been a while since it was developed), and it works perfectly.

We will port this example to use other supported programming languages too - like AWS SDK for Java.

UPDATE

You only need to use Secret Manager when using the RDSDataClient. As mentioned in that tutorial, the RdsDataClient object is only supported for an Aurora Serverless DB cluster or an Aurora PostgreSQL. If you are using MySQL RDS, you cannot use the the RdsDataClient object. You would use a supported JDBC API.