I am using RDS postgresql with IAM authentication. In my application, it generates the token at runtime before it connects to RDS cluster. Based on AWS document,
An authentication token is a string of characters that you use instead of a password. After you generate an authentication token, it's valid for 15 minutes before it expires. If you try to connect using an expired token, the connection request is denied.,
the token is only valid for 15 minutes. My question is that do I need to reconnect every 15 minutes? If the connection is already set up, does it require token for each query/insert/update etc.? If it doesn't require the token, that means I need to keep my connection always open. Does RDS support that connection mode?
My question is that do I need to reconnect every 15 minutes?
No you don't. The token is required to establish connection, and does not determine how long the existing connection can last for. The default value for connection to be alive without activity is 28800s (8 hours) as explained here.
This means that if you terminate your connection, or mysql terminates it due to not being actively used, then you need to get a new token to re-connect if the existing one already expired.