enum DefaultAuthScheme
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.RDS.DefaultAuthScheme |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsrds#DefaultAuthScheme |
 Java | software.amazon.awscdk.services.rds.DefaultAuthScheme |
 Python | aws_cdk.aws_rds.DefaultAuthScheme |
 TypeScript (source) | aws-cdk-lib » aws_rds » DefaultAuthScheme |
The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database.
Example
declare const vpc: ec2.Vpc;
const instance = new rds.DatabaseInstance(this, 'Database', {
engine: rds.DatabaseInstanceEngine.postgres({
version: rds.PostgresEngineVersion.VER_17_7,
}),
vpc,
iamAuthentication: true,
});
const proxy = new rds.DatabaseProxy(this, 'Proxy', {
proxyTarget: rds.ProxyTarget.fromInstance(instance),
vpc,
defaultAuthScheme: rds.DefaultAuthScheme.IAM_AUTH, // No secrets required
});
// Grant IAM permissions for database connection
const role = new iam.Role(this, 'DBRole', { assumedBy: new iam.AccountPrincipal(this.account) });
proxy.grantConnect(role, 'database-user'); // Database user must be specified when using IAM auth
Members
| Name | Description |
|---|---|
| IAM_AUTH | IAM authentication. |
| NONE | No default authentication. |
IAM_AUTH
IAM authentication.
NONE
No default authentication.