Hello Mike, Thanks for your insight and response.
Just want to let you know that, we are using scoped_session with a session_factory object to db connections. Does this approach still suitable for connections using session ? Also, we have custom module where we have separate functions for generating an engine and creating session object and we import this custom module in other application python files to create and close sessions accordingly. Thanks, Pavan. On Wednesday, June 17, 2020 at 5:35:59 AM UTC-7, Mike Bayer wrote: > > We're going to need an FAQ entry for this since this now comes up > regularly for everyone using AWS. > > There are two methods to manipulate the parameters sent to connect that > are independent of the URL. They are both described now at > https://docs.sqlalchemy.org/en/13/core/engines.html#custom-dbapi-args and > you probably want to use the "do_connect" event. > > so you have the pool_recycle, that's good. the next part is the event is > like this: > > from sqlalchemy import event > > db = create_engine('mysql://<aws url>') > > @event.listens_for(db, "do_connect") > def receive_do_connect(dialect, conn_rec, cargs, cparams): > secret = get_new_secret() > cparams['password'] = secret > > Above assumes you are setting just the password, but "cargs, cparams" are > the literal arguments passed to mysqldb.connect(), so you can put whatever > you need into either of those collections (modify the list and/or > dictionary in place). I'm assuming you have some function that can > retrieve the latest credentials. > > On Wed, Jun 17, 2020, at 1:28 AM, Venkata Siva Naga Tatikonda wrote: > > Hello Everyone, > > Need some suggestion/insight on some use case we have: > > We have python django web application which uses sqlalchemy v1.3.13 > (mysqldb) to communicate with AWS Aurora (RDS). This application uses AWS > Secrets Manager for managing database credentials and utilizing sqlalchemy > (w/ mysqldb & queuepool) to read user/password during application start-up > via settings.py/manage.py. > > For security reasons, we have to rotate database credentials frequently > and for that we are using AWS Lambda to update in the Aurora DB & secrets > manager. We are using pool_recycle w/ 5 mins and also MYSQL database issues > a disconnect if there is any connection is open & idle for more than 8 > hours, so when this happens and pool creates a new connection then it fails > the authentication. We don't see anyway for engine object to > reload/refresh/re-read updated credentials other than re-deploying or > restarting our services for this issue. > > Is there any documentation on how we could re-create/reload engine or > other mechanisms to handle/address this situation ? > > > Thanks, > Pavan. > > > -- > SQLAlchemy - > The Python SQL Toolkit and Object Relational Mapper > > http://www.sqlalchemy.org/ > > To post example code, please provide an MCVE: Minimal, Complete, and > Verifiable Example. See http://stackoverflow.com/help/mcve for a full > description. > --- > You received this message because you are subscribed to the Google Groups > "sqlalchemy" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to sqlal...@googlegroups.com <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/sqlalchemy/ed50fe16-f759-4d14-a111-62457f4009c5o%40googlegroups.com > > <https://groups.google.com/d/msgid/sqlalchemy/ed50fe16-f759-4d14-a111-62457f4009c5o%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- SQLAlchemy - The Python SQL Toolkit and Object Relational Mapper http://www.sqlalchemy.org/ To post example code, please provide an MCVE: Minimal, Complete, and Verifiable Example. See http://stackoverflow.com/help/mcve for a full description. --- You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To unsubscribe from this group and stop receiving emails from it, send an email to sqlalchemy+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sqlalchemy/a74188cd-aeba-4b27-a9b4-fac4b368cfa4o%40googlegroups.com.
