Problem
AWS RDS IAM authentication tokens expire every 15 minutes, which makes it impossible to use asyncmy with connection pools that create new connections after token expiry.
Proposed solution
Add an optional password_creator argument to Connection.
If provided, this can be a callable or coroutine returning a fresh password/token each time a new connection is established.
Example
async def create_token():
return boto3.client("rds").generate_db_auth_token(
DBHostname="mydb.cluster.amazonaws.com",
Port=3306,
DBUsername="dbuser",
Region="us-east-1",
)
conn = await asyncmy.connect(
host="mydb.cluster.amazonaws.com",
user="dbuser",
password_creator=create_token,
)Benefits
Enables using AWS RDS IAM authentication seamlessly.
Works with any short-lived or rotating credential system.
Fully backward-compatible (still supports static password).
Status
Implementation and tests ready in PR feature/password-creator.
Problem
AWS RDS IAM authentication tokens expire every 15 minutes, which makes it impossible to use
asyncmywith connection pools that create new connections after token expiry.Proposed solution
Add an optional
password_creatorargument toConnection.If provided, this can be a callable or coroutine returning a fresh password/token each time a new connection is established.
Example
Benefits
Enables using AWS RDS IAM authentication seamlessly.
Works with any short-lived or rotating credential system.
Fully backward-compatible (still supports static password).
Status
Implementation and tests ready in PR feature/password-creator.