Add extra connection host for AWS RDS IAM token

postgresql/config.go

@@ -169,6 +169,7 @@ type ClientCertificateConfig struct {
 type Config struct {
 	Scheme                          string
 	Host                            string
+	AWSIAMDBAuthTokenHost           string
 	Port                            int
 	Username                        string
 	Password                        string
@@ -248,7 +249,7 @@ func (c *Config) connParams() []string {
 }
 
 func (c *Config) connStr(database string) string {
-	host := c.Host
+	host = c.Host
 	// For GCP, support both project/region/instance and project:region:instance
 	// (The second one allows to use the output of google_sql_database_instance as host
 	if c.Scheme == "gcppostgres" {

postgresql/provider.go

@@ -3,9 +3,10 @@ package postgresql
 import (
 	"context"
 	"fmt"
+	"os"
+
 	"github.com/aws/aws-sdk-go-v2/credentials"
 	"github.com/aws/aws-sdk-go-v2/service/sts"
-	"os"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
@@ -43,7 +44,7 @@ func Provider() *schema.Provider {
 				Type:        schema.TypeString,
 				Optional:    true,
 				DefaultFunc: schema.EnvDefaultFunc("PGHOST", nil),
-				Description: "Name of PostgreSQL server address to connect to",
+				Description: "Name of PostgreSQL server address",
 			},
 			"port": {
 				Type:        schema.TypeInt,
@@ -99,6 +100,13 @@ func Provider() *schema.Provider {
 				Description: "AWS IAM role to assume for IAM auth",
 			},
 
+			"aws_rds_iam_token_host": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("PGHOST", nil),
+				Description: "Name of PostgreSQL server address for AWS RDS IAM to get token",
+			},
+
 			"azure_identity_auth": {
 				Type:     schema.TypeBool,
 				Optional: true,
@@ -345,11 +353,16 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 
 	var password string
 	if d.Get("aws_rds_iam_auth").(bool) {
+		awsIAMTokenHost := d.Get("aws_rds_iam_token_host").(string)
+		if awsIAMTokenHost == "" {
+			awsIAMTokenHost = host
+		}
+
 		profile := d.Get("aws_rds_iam_profile").(string)
 		region := d.Get("aws_rds_iam_region").(string)
 		role := d.Get("aws_rds_iam_provider_role_arn").(string)
 		var err error
-		password, err = getRDSAuthToken(region, profile, role, username, host, port)
+		password, err = getRDSAuthToken(region, profile, role, username, awsIAMTokenHost, port)
 		if err != nil {
 			return nil, err
 		}
@@ -370,6 +383,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 	config := Config{
 		Scheme:                          d.Get("scheme").(string),
 		Host:                            host,
+		AWSIAMDBAuthTokenHost:           awsIAMTokenHost,
 		Port:                            port,
 		Username:                        username,
 		Password:                        password,