About the Connector Quick start guide Configuration Options Authentication Sample usage

Aurora DSQL Connector for Postgres.js

The Aurora DSQL Connector for Postgres.js is a Node.js connector built on Postgres.js that integrates IAM Authentication for connecting JavaScript applications to Amazon Aurora DSQL clusters.

The Aurora DSQL Connector for Postgres.js is designed as an authentication plugin that extends the functionality of the Postgres.js client to enable applications to authenticate with Amazon Aurora DSQL using IAM credentials. The connector does not connect directly to the database, but provides seamless IAM authentication on top of the underlying Postgres.js driver.

About the Connector

Amazon Aurora DSQL is a distributed SQL database service that provides high availability and scalability for PostgreSQL-compatible applications. Aurora DSQL requires IAM-based authentication with time-limited tokens that existing Node.js drivers do not natively support.

The idea behind the Aurora DSQL Connector for Postgres.js is to add an authentication layer on top of the Postgres.js client that handles IAM token generation, allowing users to connect to Aurora DSQL without changing their existing Postgres.js workflows.

The Aurora DSQL Connector for Postgres.js works with most versions of Postgres.js. Users provide their own version by installing Postgres.js directly.

What is Aurora DSQL Authentication?

In Aurora DSQL, authentication involves:

IAM Authentication: All connections use IAM-based authentication with time-limited tokens
Token Generation: Authentication tokens are generated using AWS credentials and have configurable lifetimes

The Aurora DSQL Connector for Postgres.js is designed to understand these requirements and automatically generate IAM authentication tokens when establishing connections.

Features

Automatic IAM Authentication - Handles DSQL token generation and refresh
Built on Postgres.js - Leverages the fast PostgreSQL client for Node.js
Seamless Integration - Works with existing Postgres.js connection patterns
Region Auto-Discovery - Extracts AWS region from DSQL cluster hostname
Full TypeScript Support - Provides full type safety
AWS Credentials Support - Supports various AWS credential providers (default, profile-based, custom)
Connection Pooling Compatibility - Works seamlessly with Postgres.js’ built-in connection pooling

Quick start guide

Requirements

Node.js 20+
Access to an Aurora DSQL cluster
Set up appropriate IAM permissions to allow your application to connect to Aurora DSQL.
AWS credentials configured (via AWS CLI, environment variables, or IAM roles)

Installation


npm install @aws/aurora-dsql-postgresjs-connector
# Postgres.js is a peer-dependency, so users must install it themselves
npm install postgres

Basic Usage


import { auroraDSQLPostgres } from '@aws/aurora-dsql-postgresjs-connector';

const sql = auroraDSQLPostgres({
  host: 'your-cluster.dsql.us-east-1.on.aws',
  username: 'admin',
    
});

// Execute queries
const result = await sql`SELECT current_timestamp`;
console.log(result);

// Clean up
await sql.end();

Using cluster ID instead of host


const sql = auroraDSQLPostgres({
  host: 'your-cluster-id',
  region: 'us-east-1',
  username: 'admin',
    
});

Connection String


const sql = AuroraDSQLPostgres(
  'postgres://admin@your-cluster.dsql.us-east-1.on.aws'
);

const result = await sql`SELECT current_timestamp`;

Advanced Configuration


import { fromNodeProviderChain } from '@aws-sdk/credential-providers';

const sql = AuroraDSQLPostgres({
  host: 'your-cluster.dsql.us-east-1.on.aws',
  database: 'postgres',
  username: 'admin',
  customCredentialsProvider: fromNodeProviderChain(), // Optionally provide custom credentials provider
  tokenDurationSecs: 3600,                            // Token expiration (seconds)
  
  // Standard Postgres.js options
  max: 20,                              // Connection pool size
  ssl: { rejectUnauthorized: false }    // SSL configuration
});

Configuration Options

Option	Type	Required	Description
`host`	`string`	Yes	DSQL cluster hostname or cluster ID
`database`	`string?`	No	Database name
`username`	`string?`	No	Database username (uses admin if not provided)
`region`	`string?`	No	AWS region (auto-detected from hostname if not provided)
`customCredentialsProvider`	`AwsCredentialIdentityProvider?`	No	Custom AWS credentials provider
`tokenDurationSecs`	`number?`	No	Token expiration time in seconds

All standard Postgres.js options are also supported.

Authentication

The connector automatically handles DSQL authentication by generating tokens using the DSQL client token generator. If the AWS region is not provided, it will be automatically parsed from the hostname provided.

For more information on authentication in Aurora DSQL, see the user guide.

Admin vs Regular Users

Users named "admin" automatically use admin authentication tokens
All other users use regular authentication tokens
Tokens are generated dynamically for each connection

Sample usage

JavaScript examples using the Aurora DSQL Connector for Postgres.js are available on GitHub. For instructions on how to run the examples, refer to the examples directory.

Description	Example
Connection pooling with concurrent queries, including table creation, inserts, and reads across multiple workers	Connection pool example (preferred)
CRUD operations (create table, insert, select, delete) without connection pooling	Example without connection pool

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

node-postgres connector

Ruby connector