├── .github └── demo-video.png ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md └── index.js /.github/demo-video.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/amazon-rds-proxy-video-demo/37f070c21987d456f9be204d150542880a0518b7/.github/demo-video.png -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | ## Code of Conduct 2 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 3 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 4 | opensource-codeofconduct@amazon.com with any additional questions or comments. 5 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing Guidelines 2 | 3 | Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional 4 | documentation, we greatly value feedback and contributions from our community. 5 | 6 | Please read through this document before submitting any issues or pull requests to ensure we have all the necessary 7 | information to effectively respond to your bug report or contribution. 8 | 9 | 10 | ## Reporting Bugs/Feature Requests 11 | 12 | We welcome you to use the GitHub issue tracker to report bugs or suggest features. 13 | 14 | When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already 15 | reported the issue. Please try to include as much information as you can. Details like these are incredibly useful: 16 | 17 | * A reproducible test case or series of steps 18 | * The version of our code being used 19 | * Any modifications you've made relevant to the bug 20 | * Anything unusual about your environment or deployment 21 | 22 | 23 | ## Contributing via Pull Requests 24 | Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: 25 | 26 | 1. You are working against the latest source on the *master* branch. 27 | 2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. 28 | 3. You open an issue to discuss any significant work - we would hate for your time to be wasted. 29 | 30 | To send us a pull request, please: 31 | 32 | 1. Fork the repository. 33 | 2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. 34 | 3. Ensure local tests pass. 35 | 4. Commit to your fork using clear commit messages. 36 | 5. Send us a pull request, answering any default questions in the pull request interface. 37 | 6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. 38 | 39 | GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and 40 | [creating a pull request](https://help.github.com/articles/creating-a-pull-request/). 41 | 42 | 43 | ## Finding contributions to work on 44 | Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start. 45 | 46 | 47 | ## Code of Conduct 48 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 49 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 50 | opensource-codeofconduct@amazon.com with any additional questions or comments. 51 | 52 | 53 | ## Security issue notifications 54 | If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. 55 | 56 | 57 | ## Licensing 58 | 59 | See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. 60 | 61 | We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes. 62 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy of 4 | this software and associated documentation files (the "Software"), to deal in 5 | the Software without restriction, including without limitation the rights to 6 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 7 | the Software, and to permit persons to whom the Software is furnished to do so. 8 | 9 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 10 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 11 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 12 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 13 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 14 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 15 | 16 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Amazon RDS Proxy Demo Code 2 | 3 | This code accompanies the [Amazon RDS Proxy Demo video](https://www.youtube.com/watch?v=ULRnn6tIYu8). 4 | 5 | [![Demo](.github/demo-video.png)](https://www.youtube.com/watch?v=ULRnn6tIYu8) 6 | 7 | ## Files 8 | 9 | * index.js - The Lambda function shown in the demo video. This Lambda provides the application logic for the API presented in the demo. 10 | 11 | ## Notes 12 | 13 | * The Lambda function relies on the following environment variables to be defined: 14 | * database 15 | * user 16 | * proxyendpoint 17 | * port 18 | * region 19 | 20 | * The code in the Lambda function does a query against a table named `contacts` in the database. It is expected the schema of this table has two columns as below: 21 | 22 | ``` 23 | email varchar(255) 24 | name varchar(255) 25 | ``` 26 | 27 | ## MySQL Client Installation 28 | 29 | You will need to package the mysql2 client library with your Lambda function. First, install the mysql2 client: 30 | 31 | ``` 32 | npm install –save mysql2 33 | ``` 34 | 35 | and then package the directory as described in [AWS Lambda Deployment Package in Node.js](https://docs.aws.amazon.com/lambda/latest/dg/nodejs-package.html). 36 | 37 | ## Acknowlegements 38 | 39 | The MySQL client linked in this sample is the [mysql2 client](https://www.npmjs.com/package/mysql2). 40 | -------------------------------------------------------------------------------- /index.js: -------------------------------------------------------------------------------- 1 | let AWS = require('aws-sdk'); 2 | var mysql2 = require('mysql2/promise'); 3 | 4 | exports.handler = async(event) => { 5 | console.log(`event: ${JSON.stringify(event)}`); 6 | 7 | let response = {}; 8 | 9 | console.log("Starting query..."); 10 | 11 | console.log("IAM auth"); 12 | 13 | var signer = new AWS.RDS.Signer({ 14 | region: process.env['region'], 15 | hostname: process.env['proxyendpoint'], 16 | port: parseInt(process.env['port'], 10), 17 | username: process.env['user'] 18 | }); 19 | 20 | let token = signer.getAuthToken({ 21 | username: process.env['user'] 22 | }); 23 | 24 | console.log("IAM Token obtained"); 25 | 26 | const connectionConfig = { 27 | host: process.env['proxyendpoint'], 28 | user: process.env['user'], 29 | database: process.env['database'], 30 | ssl: { rejectUnauthorized: false }, 31 | password: token, 32 | authSwitchHandler: function({ pluginName, pluginData }, cb) { 33 | console.log("Setting new auth handler."); 34 | } 35 | }; 36 | 37 | // Adding the mysql_clear_password handler 38 | connectionConfig.authSwitchHandler = (data, cb) => { 39 | if (data.pluginName === 'mysql_clear_password') { 40 | // See https://dev.mysql.com/doc/internals/en/clear-text-authentication.html 41 | console.log("pluginName: " + data.pluginName); 42 | let password = token + '\0'; 43 | let buffer = Buffer.from(password); 44 | cb(null, password); 45 | } 46 | }; 47 | 48 | let connection; 49 | 50 | try { 51 | connection = await mysql2.createConnection(connectionConfig); 52 | } catch(err) { 53 | console.error('error connecting to the database'); 54 | console.error(err); 55 | response = { 56 | statusCode: 500, 57 | "headers": { 58 | "Content-Type": "application/json" 59 | }, 60 | body: 'error connecting to the database' 61 | }; 62 | return response; 63 | } 64 | 65 | console.log(`connected as id ${connection.threadId}`); 66 | 67 | try { 68 | const [rows, fields] = await connection.execute('SELECT * FROM contacts'); 69 | console.log(`rows: ${JSON.stringify(rows)}`); 70 | console.log(`fields: ${JSON.stringify(fields)}`); 71 | const responseBody = { 72 | number: rows.length, 73 | contacts: rows 74 | }; 75 | response = { 76 | statusCode: 200, 77 | "headers": { 78 | "Content-Type": "application/json" 79 | }, 80 | body: JSON.stringify(responseBody) 81 | }; 82 | } catch(err) { 83 | console.error('error running query'); 84 | console.error(err); 85 | response = { 86 | statusCode: 500, 87 | "headers": { 88 | "Content-Type": "application/json" 89 | }, 90 | body: 'error executing query' 91 | }; 92 | } 93 | 94 | await connection.end(); 95 | 96 | return response; 97 | }; 98 | 99 | 100 | --------------------------------------------------------------------------------