I have a demand where I need to provide IAM authentication to a RDS Aurora Postgres cluster and so far I only needed to manage standard authentication (user, password).
My project is using Quarkus + Kotlin + Hibernate Panache
I tried a few solutions:
First I tried evaluate what it happens when I change the properties on the fly, but Quarkus won't read this new piece of information at runtime.
I did find only one resource in the quarkus-hibernate documentation that could help me with that, and it's basically the possibility to create a custom-provider. That would work if I didn't need to refresh my token every x seconds after the application is already running, so I ditched.
It came into my mind that I may not be able to make this happen using Hibernate Panache (or just Hibernate, I'm ok doing this small change), but there is a work around so I can keep using Hibernate in my project without making a large refactor?
If no, what are the other possible solutions that can be done with Quarkus (I only saw references of this being done using Spring not Quarkus)?
There is a library called aws-advanced-jdbc-wrapper available here https://github.com/aws/aws-advanced-jdbc-wrapper and in order to configure it properly is just a matter of properly changing values in the application.properties.
First add to your gradle/maven dependency tree and change the properties based on the following documentation.
This values for the iam plugin must be (at least for Quakus that's how it worked for me) in your connection string as query params and also don't forget to change the driver.
But in order to properly
Final example:
quarkus.datasource.jdbc.driver=software.amazon.jdbc.Driver
quarkus.datasource.jdbc.ur=jdbc:postgresql://localhost:5432/postgres_db? iamHost=<AWS_HOST>?iamRegion=<AWS_REGION>...