Amazon RDS Proxy announces caching_sha2_password authentication plugin support for client to proxy connections on MySQL on Aurora and RDS.
Customers need to use plugins to perform authentication between databases and clients while using RDS Proxy. Starting with MySQL 8.4, community MySQL uses caching_sha2_password plugin as the default, which is more secure than the previous default plugins. To align with this, starting today, caching_sha2_password will also be the default authentication plugin for new connection creates with RDS Proxy, if a value is not specified.
RDS Proxy is a fully managed and a highly available database proxy for Amazon Aurora and RDS databases. RDS Proxy helps improve application scalability, resiliency, and security. You can setup your RDS Proxy to use caching_sha2_password authentication on all available RDS for MySQL and Aurora MySQL versions with just a few clicks on the Amazon RDS Management Console
or using the AWS SDK
or CLI
. Support for caching_sha2_password with RDS Proxy is available in all AWS Commercial Regions. For more information, including instructions on getting started, read the Amazon RDS Proxy documentation.