Authentication methods How it works More information
Connect with AWS Secrets
Manager A database administrator can
store credentials for a database as a secret in Secrets Manager.
Secrets Manager encrypts and stores the credentials within the secret as the protected secret text.
When an application with permissions accesses the database, Secrets Manager decrypts the protected secret text and returns it over a secured channel. The client parses the returned credentials, connection string, and any other required information and then uses that information to access the database.
• What is AWS Secrets Manager?
in the AWS Secrets Manager User Guide.
• Tutorial: Rotating a secret for an AWS database in the AWS Secrets Manager User Guide.
• AWS Security Blog: Rotate Amazon RDS database credentials automatically with Secrets Manager.
Working with Amazon RDS databases using DataGrip
After you've connected to an Amazon RDS data source, you can start interacting with it. By using DataGrip from JetBrains, you can carry out database tasks such as writing SQL, running queries, and importing/exporting data. Features provided by DataGrip are also available in the database plugin for a range of JetBrains IDEs. For information about DataGrip, see https://www.jetbrains.com/datagrip/.
Connecting to an Amazon RDS database
With AWS Explorer, you can select an Amazon RDS database, choose an authentication method, and then configure the connection settings. After you've successfully tested the connection, you can start interacting with the data source using JetBrains DataGrip.
Important
Ensure that you've completed the prerequisites (p. 88) to enable users to access and interact with Amazon RDS databases.
Select a tab for instructions on connecting to a database instance using your preferred authentication method.
Connect with IAM credentials
1. Open AWS Explorer (p. 18), if it isn't already open.
2. Click the Amazon RDS node to expand the list of supported database engines.
3. Click a supported database engine (Aurora, MySQL, or PostgreSQL) node to expand the list of available database instances.
NoteIf you select Aurora, you can choose between expanding a MySQL cluster and a PostgreSQL cluster.
4. Right-click a database and choose Connect with IAM credentials.
NoteYou can also choose Copy Arn to add the database's Amazon Resource Name (ARN) to your clipboard.
Connecting to an Amazon RDS database
5. In the Data Sources and Drivers dialog box, do the following to ensure a database connection can be opened:
• In the Imported Data Sources pane, confirm that the correct the correct data source is selected.
• If a message indicates that you need to Download missing driver files, choose Go to Driver (the wrench icon) to download the required files.
6. In the General tab of the Settings pane, confirm that the following fields display the correct values:
• Host/Port – The endpoint and port used for connections to the database. For Amazon RDS databases hosted in the AWS Cloud, endpoints always end with rds.amazon.com. If you're connecting to a DB instance through a proxy, use these fields to specify the proxy's connection details.
• Authentication – AWS IAM (authentication using IAM credentials).
• User – The name of your database user account.
• Credentials – The credentials used to access your AWS account.
• Region – The AWS Region where the database is hosted.
• RDS Host/Port – The endpoint and port for the database as listed in the AWS Management Console. If you're using a different endpoint to connect to a DB instance, specify the proxy's connection details in the Host/Port fields (described previously).
• Database – The name of the database.
• URL – The URL that the JetBrains IDE will use to connect to the database.
Connecting to an Amazon RDS database
NoteFor a full description of the connection settings that you can configure using the Data sources and drivers dialog box, see the documentation for the JetBrains IDE that you're using.
7. To verify the connection settings are correct, choose Test Connection.
A green check mark indicates a successful test.
8. Choose Apply to apply your settings, and then choose OK to start working with the data source.
The Database tool window opens. This displays the available data sources as a tree with nodes representing database elements such as schemas, tables, and keys.
Important
To use the Database tool window, you must first download and install DataGrip from JetBrains. For more information, see https://www.jetbrains.com/datagrip/.
Connect with Secrets Manager
1. Open AWS Explorer (p. 18), if it isn't already open.
2. Click the Amazon RDS node to expand the list of supported database engines.
3. Click a supported database engine (Aurora, MySQL, or PostgreSQL) node to expand the list of available database instances.
NoteIf you select Aurora, you can choose between expanding a MySQL cluster and a PostgreSQL cluster.
4. Right-click a database and choose Connect with Secrets Manager.
NoteYou can also choose Copy Arn to add the database's Amazon Resource Name (ARN) to your clipboard.
5. In the Select a Database Secret dialog box, use the drop-down field to pick credentials for the database, and then choose Create.
6. In the Data Sources and Drivers dialog box, do the following to ensure a database connection can be opened:
• In the Imported Data Sources pane, confirm that the correct the correct data source is selected.
• If a message indicates that you need to Download missing driver files, choose Go to Driver (the wrench icon) to download the required files.
7. In the General tab of the Settings pane, confirm that the following fields display the correct values:
• Host/Port – The endpoint and port used for connections to the database. For Amazon RDS databases hosted in the AWS Cloud, endpoints always end with rds.amazon.com. If you're connecting to a database through a proxy database, use these fields to specify the proxy's connection details.
• Authentication – SecretsManager Auth (authentication using AWS Secrets Manager).
• Credentials – The credentials used to access your AWS account.
• Region – The AWS Region where the database is hosted.
• Secret Name/ARN – The name and ARN of the secret containing authentication credentials.
To override the connection settings in the Host/Port fields, select the Use the url and port from the secret check box.
• Database – The name of the database instance you selected in AWS Explorer.
Connecting to an Amazon RDS database
• URL – The URL that the JetBrains IDE will use to connect to the database.
NoteIf you're using Secrets Manager for authentication, there are no fields for a user name and password for the database. This information is contained in the encrypted secret data portion of a secret.
NoteFor a full description of the connection settings that you can configure using the Data sources and drivers dialog box, see the documentation for the JetBrains IDE that you're using.
8. To verify the connection settings are correct, choose Test Connection.
A green check mark indicates a successful test.
9. Choose Apply to apply your settings, and then choose OK to start working with the data source.
The Database tool window opens. This displays the available data sources as a tree with nodes representing database elements such as schemas, tables, and keys.
Important
To use the Database tool window, you must first download and install DataGrip from JetBrains. For more information, see https://www.jetbrains.com/datagrip/.
Amazon Redshift