cmd/atlas/internal: fix IAM Authentication for RDS MySQL (#2617)

* cmd/atlas/internal: register rds CRA on mysql driver when using aws_rds_token * update doc * fix readme
ariga · Mar 15, 2024 · 42befa3 · 42befa3
1 parent 4970c53
commit 42befa3
Showing 1 changed file with 29 additions and 3 deletions.
diff --git a/doc/md/guides/deploying/secrets.mdx b/doc/md/guides/deploying/secrets.mdx
@@ -199,23 +199,49 @@ values={[
 
 4. Create a new file named `atlas.hcl` with the following contents:
 
+    <Tabs>
+    <TabItem value="postgres" label="postgres" default>
+
     ```hcl
     locals {
       user = "iamuser"
       endpoint = "hostname-of-db.example9y7k.us-east-1.rds.amazonaws.com:5432"
     }
 
     data "aws_rds_token" "db" {
-        region = "us-east-1"
-        endpoint = local.endpoint
-        username = local.user
+      region = "us-east-1"
+      endpoint = local.endpoint
+      username = local.user
     }
 
     env "rds" {
       url = "postgres://${local.user}:${urlescape(data.aws_rds_token.db)}@${local.endpoint}/postgres"
     }
     ```
 
+    </TabItem>
+    <TabItem value="mysql" label="mysql">
+
+    ```hcl
+    locals {
+      user = "iamuser"
+      endpoint = "hostname-of-db.example9y7k.us-east-1.rds.amazonaws.com:3306"
+    }
+
+    data "aws_rds_token" "db" {
+      region = "us-east-1"
+      endpoint = local.endpoint
+      username = local.user
+    }
+
+    env "rds" {
+      url = "mysql://${local.user}:${urlescape(data.aws_rds_token.db)}@${local.endpoint}?tls=preferred&allowCleartextPasswords=true"
+    }
+    ```
+
+    </TabItem>
+    </Tabs>
+
     Let's breakdown the configuration:
     * The `aws_rds_token` data source is used to retrieve the database password from AWS Secrets Manager.
     * We define an `env` named `rds`.  The value retrieved by the `aws_rds_token` data source