diff --git a/.github/workflows/typescript-type-orm-integ-tests.yml b/.github/workflows/typescript-type-orm-integ-tests.yml index 86b771e5..43a85304 100644 --- a/.github/workflows/typescript-type-orm-integ-tests.yml +++ b/.github/workflows/typescript-type-orm-integ-tests.yml @@ -53,7 +53,6 @@ jobs: REGION: ${{ secrets.TYPESCRIPT_TYPE_ORM_CLUSTER_REGION }} run: | npm install - wget https://www.amazontrust.com/repository/AmazonRootCA1.pem -O root.pem npm run build npm run migrations-drop-table npm run migrations-create-table diff --git a/javascript/node-postgres/src/index.js b/javascript/node-postgres/src/index.js index e88917bd..81b9977c 100644 --- a/javascript/node-postgres/src/index.js +++ b/javascript/node-postgres/src/index.js @@ -21,20 +21,15 @@ async function getConnection(clusterEndpoint, user, region) { signer.user = user; token = await signer.getDbConnectAuthToken() } - // - // By default `rejectUnauthorized` is true in TLS options - // - // The config does not offer any specific parameter to set sslmode to verify-full - // Settings are controlled either via connection string or by setting - // rejectUnauthorized to false in ssl options let client = new Client({ host: clusterEndpoint, user: user, password: token, database: "postgres", port: 5432, - // for version 8.0 - ssl: true + ssl: { + rejectUnauthorized: true, + } }); // Connect diff --git a/javascript/postgres-js/src/index.js b/javascript/postgres-js/src/index.js index 4a921290..cc3ab5a8 100644 --- a/javascript/postgres-js/src/index.js +++ b/javascript/postgres-js/src/index.js @@ -18,7 +18,9 @@ async function getConnection(clusterEndpoint, user, region) { database: "postgres", port: 5432, idle_timeout: 2, - ssl: true, + ssl: { + rejectUnauthorized: true, + } // max: 1, // Optionally set maximum connection pool size }) diff --git a/typescript/sequelize/README.md b/typescript/sequelize/README.md index f1d6418b..96d8a236 100644 --- a/typescript/sequelize/README.md +++ b/typescript/sequelize/README.md @@ -52,15 +52,6 @@ It should output something similar to `Version 5.6.x` or higher. [Using database roles with IAM roles](https://docs.aws.amazon.com/aurora-dsql/latest/userguide/using-database-and-iam-roles.html) guide. -### Download the Amazon root certificate from the official trust store - -Download the Amazon root certificate from the official trust store. This example shows one of the available certs that -can be used by the client. Other certs such as AmazonRootCA2.pem, AmazonRootCA3.pem, etc. can also be used. - -``` -wget https://www.amazontrust.com/repository/AmazonRootCA1.pem -O root.pem -``` - ### Run the code The example demonstrates the following operations: diff --git a/typescript/sequelize/src/index.ts b/typescript/sequelize/src/index.ts index 616387e3..5b20e961 100644 --- a/typescript/sequelize/src/index.ts +++ b/typescript/sequelize/src/index.ts @@ -32,8 +32,8 @@ async function getSequelizeConnection(): Promise { clientMinMessages: 'ignore', // This is essential skipIndexes: true, ssl: { - mode: 'verify-full' - }, + rejectUnauthorized: true, + } }, pool: { max: 5, diff --git a/typescript/type-orm/README.md b/typescript/type-orm/README.md index 39b9809a..3e049077 100644 --- a/typescript/type-orm/README.md +++ b/typescript/type-orm/README.md @@ -43,15 +43,6 @@ The code automatically detects the user type and adjusts its behavior accordingl [Using database roles with IAM roles](https://docs.aws.amazon.com/aurora-dsql/latest/userguide/using-database-and-iam-roles.html) guide. -### Download the Amazon root certificate from the official trust store - -Download the Amazon root certificate from the official trust store. This example shows one of the available certs that -can be used by the client. Other certs such as AmazonRootCA2.pem, AmazonRootCA3.pem, etc. can also be used. - -``` -wget https://www.amazontrust.com/repository/AmazonRootCA1.pem -O root.pem -``` - ### Set up environment for examples ``` diff --git a/typescript/type-orm/package.json b/typescript/type-orm/package.json index a5236ccd..5b2f1413 100644 --- a/typescript/type-orm/package.json +++ b/typescript/type-orm/package.json @@ -9,8 +9,7 @@ "migrations-run": "npm run typeorm migration:run -- -d ./dist/src/data-source --transaction none", "migrations-revert": "npm run typeorm migration:revert -- -d ./dist/src/data-source --transaction none", "build:compile": "tsc --build", - "build:copy": "mkdir -p dist/src && cp root.pem dist/src", - "build": "npm-run-all build:compile build:copy", + "build": "npm-run-all build:compile", "clean": "rm -rf build && rm -rf dist", "typeorm": "ts-node ./node_modules/typeorm/cli.js", "start": "node dist/index.js", diff --git a/typescript/type-orm/src/create-migrations-table.ts b/typescript/type-orm/src/create-migrations-table.ts index 7e108931..e0677c70 100644 --- a/typescript/type-orm/src/create-migrations-table.ts +++ b/typescript/type-orm/src/create-migrations-table.ts @@ -33,7 +33,6 @@ const createMigrationsTable = async () => { port: 5432, database: "postgres", ssl: { - ca: fs.readFileSync(path.join(__dirname, "root.pem")), rejectUnauthorized: true, }, }); diff --git a/typescript/type-orm/src/data-source.ts b/typescript/type-orm/src/data-source.ts index 2bee539c..a5203bb7 100644 --- a/typescript/type-orm/src/data-source.ts +++ b/typescript/type-orm/src/data-source.ts @@ -33,7 +33,6 @@ const getDataSource = async () => { password: token, database: "postgres", ssl: { - ca: fs.readFileSync(path.join(__dirname, "root.pem")), rejectUnauthorized: true, }, synchronize: false, diff --git a/typescript/type-orm/src/drop-migrations-table.ts b/typescript/type-orm/src/drop-migrations-table.ts index 3412eb4a..02039391 100644 --- a/typescript/type-orm/src/drop-migrations-table.ts +++ b/typescript/type-orm/src/drop-migrations-table.ts @@ -31,7 +31,6 @@ const dropMigrationsTable = async () => { port: 5432, database: "postgres", ssl: { - ca: fs.readFileSync(path.join(__dirname, "root.pem")), rejectUnauthorized: true, }, });