[FEATURE REQUEST] Support AWS RDS Proxy IAM Authentication #1688
Description
Is your feature request related to a problem? If so, please give a short summary of the problem and how the feature would resolve it
Tedious currently does not support authentication with AWS RDS Proxy when using IAM database authentication. According to AWS documentation, the standard password field is not used for these connections; instead, a token-based authentication flow is required. Attempting to use the IAM token as a password does not work. This limits the ability to securely connect to SQL Server databases behind RDS Proxy using Tedious when IAM authentication is required.
Describe the preferred solution
Add native support in Tedious for AWS RDS Proxy IAM authentication. This would involve implementing the necessary authentication flow so that Tedious can properly connect to RDS Proxy endpoints using IAM tokens, per AWS requirements. Ideally, the connection config would support a new authentication type or options specific to AWS RDS/IAM, similar to the current Azure AD token support.
Describe alternatives you've considered
- Passing the IAM token as the password (does not work)
- Using other drivers or external tools to handle the authentication, which adds complexity and is not ideal
- Requesting AWS or the community for a wrapper/adapter but would prefer native Tedious support
Additional context
Many organizations use AWS RDS Proxy for security and scalability, and IAM database authentication is increasingly the recommended way to connect securely. Tedious adding this feature would improve support for cloud-native and secure SQL Server deployments.
Reference Documentations/Specifications