Class: Aws::RDS::AuthTokenGenerator

Inherits:
Object
  • Object
show all
Defined in:
lib/aws-sdk-core/rds/auth_token_generator.rb

Overview

The utility class helps generate an auth token that supports database login It provides a method:

  • #auth_token - Computes a login token which is similar to a presigned url

Instance Method Summary collapse

Constructor Details

#initialize(options = {}) ⇒ AuthTokenGenerator

You need provide an object that responds to `#credentials` returning another object that responds to `#access_key_id`, `#secret_access_key`, and `#session_token`.

For example, you could provide an instance of following classes:

  • `Aws::Credentials`

  • `Aws::SharedCredentials`

  • `Aws::InstanceProfileCredentials`

  • `Aws::AssumeRoleCredentials`

  • `Aws::ECSCredentials`

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):


24
25
26
# File 'lib/aws-sdk-core/rds/auth_token_generator.rb', line 24

def initialize(options = {})
  @credentials = options.fetch(:credentials)
end

Instance Method Details

#auth_token(params) ⇒ String

To create a auth login token, following parameters are required:

Returns:

  • (String)

36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'lib/aws-sdk-core/rds/auth_token_generator.rb', line 36

def auth_token(params)
  region = params.fetch(:region)
  endpoint = params.fetch(:endpoint)
  user_name = params.fetch(:user_name)

  param_list = Aws::Query::ParamList.new
  param_list.set('Action', 'connect')
  param_list.set('DBUser', user_name)

  signer = Aws::Sigv4::Signer.new(
    service: 'rds-db',
    region: region,
    credentials_provider: @credentials
  )
  url = "https://" + endpoint + "/?#{param_list.to_s}"
  presigned_url = signer.presign_url(
    http_method: 'GET',
    url: url,
    body: '',
    expires_in: 900
  ).to_s
  # Remove extra scheme for token
  presigned_url[8..-1]
end