Hi,
we have the next code deployed on a Lambda:
async function getToken(hostname, port, username, region) {
// Security relies on temporal IAM tokens instead of passwords + TLS encryption.
const signer = new Signer({
hostname: hostname,
port: port,
username: username,
region: region,
});
return await signer.getAuthToken();
}
export const databaseProviders = [
{
provide: 'SEQUELIZE',
useFactory: async () => {
const hostname = process.env.DB_HOSTNAME;
const port = Number(process.env.DB_PORT);
const dbname = process.env.DB_NAME;
const username = process.env.DB_USERNAME;
const region = process.env.AWS_REGION;
const token = await getToken(hostname, port, username, region);
const sequelize = new Sequelize({
host: hostname,
dialect: 'mysql',
database: dbname,
username: username,
password: token,
port: port,
dialectOptions: {
ssl: 'Amazon RDS',
authPlugins: {
mysql_clear_password: () => () => {
return token;
},
},
},
});
return sequelize;
},
},
];
This always worked perfectly fine both locally and deployed on the cloud, but suddenly stopped working locally. By logging the token I found that, when invoked locally, the signer returns a temporal token WITHOUT X-Amz-Security-Token (when invoked on the cloud, X-Amz-Security-Token is present).
Could it be some change in IAM deployed by AWS recently?
Thanks in advance,
Franco
AWS OFFICIALUpdated 2 years ago