Unable to sign request without credentials set

[Plaristote]

Greetings ! I've been unable to open a connection to an RDS Aurora database, and I'm no expert on AWS API, so I might've been missing something obvious...

But it seems to me like Aws::RDSDataService::Client requires a credentials parameter. The readme doesn't specify how these credentials are supposed to be given. I'm not sure it can be done through the config file.

I've been able to solve the issue by patching this gem, by editing lib/active_record/connection_adapters/aurora_serverless/client.rb and adding the following line just before the instantiation of the Aws::RDSDataService::Client:

  options[:credentials] = Aws::Credentials.new options[:access_key]["id"], options[:access_key]["secret"]

I am then able to add my credentials to my config file as such:

aurora: &aurora
  adapter: aurora_serverless
  region: 'eu-west-2'
  access_key:
    id: "access_key_id"
    secret: "secret_access_key"
  resource_arn: "---"
  secret_arn: "---"

And it seems to work (I don't have access to any aws resource yet, but it seems to work).
I'm wondering:

• If there's another way to do that, shouldn't we talk about it in the README ?
• Or should I make a PR so we can work on implementing that in the gem ? And if so, any hints on how you'd want this to be done ?

[metaskills]

Interesting, in my code I am not using credentials, only secret_arn and resource_arn described in the usage section. https://github.com/customink/activerecord-aurora-serverless-adapter#usage

Your usage may be different tho and highlight some more docs. I suspect you are using the gem on something that does not have an IAM Role? On EC2, Containers, Lambda, we use that along with some policies to ensure the workload can access things. More details here that like should be in the Usage section. https://technology.customink.com/blog/2020/01/03/migrate-your-rails-app-from-heroku-to-aws-lambda/