Merge pull request aws-samples#2898 from jojo786/jojo786-feature-apigw-lambda-dsql

feature-apigw-lambda-dsql: use Aurora DSQL Connectors for Python

Author: julianwood

apigw-lambda-dsql/README.md

@@ -2,7 +2,7 @@
 
  Amazon Aurora DSQL is the fastest serverless, distributed SQL database with active-active high availability and multi-Region strong consistency. Aurora DSQL enables you to build always available applications with virtually unlimited scalability, the highest availability, and zero infrastructure management. It is designed to make scaling and resilience effortless for your applications and offers the fastest distributed SQL reads and writes.
 
-This pattern deploys a API Gateway REST API, Lambda function and an Aurora DSQL PostgreSQL cluster.
+This pattern deploys a API Gateway REST API, Lambda function and an Aurora DSQL PostgreSQL cluster. The Lambda function uses Aurora DSQL Connectors for Python that simplify IAM authorization for customers using standard PostgreSQL drivers to connect to Aurora DSQL clusters. 
 
 Learn more about this pattern at [Serverless Land Patterns](https://serverlessland.com/patterns/apigw-lambda-dsql)
 

apigw-lambda-dsql/apigw-lambda-dsql apigw-lambda-dsql/apigw-lambda-dsql.jsonapigw-lambda-dsql/apigw-lambda-dsql renamed to apigw-lambda-dsql/apigw-lambda-dsql.json

@@ -33,6 +33,10 @@
             {
                 "text": "Amazon Aurora DSQL samples",
                 "link": "https://github.com/aws-samples/aurora-dsql-samples/tree/main/python"
+            },
+            {
+                "text": "Connectors for Aurora DSQL",
+                "link": "https://aws.amazon.com/about-aws/whats-new/2025/11/aurora-dsql-python-node-js-jdbc-connectors-iam/"
             }
         ]
     },

apigw-lambda-dsql/example-pattern.json

@@ -1,36 +1,22 @@
-#Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+    #Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 #SPDX-License-Identifier: MIT-0
 
 import json
-import boto3
-import psycopg2
-import psycopg2.extensions
+import aurora_dsql_psycopg2 as dsql
 import os
 
 cluster_endpoint = os.environ['cluster_endpoint']
 region = os.environ['AWS_REGION']
 
-client = boto3.client("dsql", region_name=region)
-
 def lambda_handler(event, context):
-    # Generate a fresh password token for each connection, to ensure the token is not expired when the connection is established
-    password_token = client.generate_db_connect_admin_auth_token(cluster_endpoint, region)
-
-    conn_params = {
-        "dbname": "postgres",
-        "user": "admin",
-        "host": cluster_endpoint,
-        "port": "5432",
-        "sslmode": "require",
-        "password": password_token
+    config = {
+        'host': cluster_endpoint,
+        'region': region,
+        'user': "admin",
     }
 
-     # Use the more efficient connection method if it's supported.
-    if psycopg2.extensions.libpq_version() >= 170000:
-        conn_params["sslnegotiation"] = "direct"
-
-     # Make a connection to the cluster
-    conn = psycopg2.connect(**conn_params)
+    # Make a connection to the cluster
+    conn = dsql.connect(**config)
 
     try:
         with conn.cursor() as cur:

apigw-lambda-dsql/src/app.py

@@ -1,3 +1,3 @@
 psycopg2-binary>=2.9
 botocore>=1.35.74
-boto3>=1.35.74
+aurora-dsql-python-connector

apigw-lambda-dsql/src/requirements.txt

@@ -27,7 +27,7 @@ Resources:
         - Statement:
             - Effect: Allow
               Action:
-                - dsql:DbConnectAdmin
+                - dsql:DbConnectAdmin #IAM action dsql:DbConnectAdmin required to connect to the cluster.
               Resource:
                 - !Sub arn:${AWS::Partition}:dsql:${AWS::Region}:${AWS::AccountId}:cluster/${DSQL}
       Environment: # Function environment variables
@@ -42,12 +42,12 @@ Resources:
             Method: get
 
   DSQL:
-    Type: AWS::DSQL::Cluster
+    Type: AWS::DSQL::Cluster #Creates a single-Region DSQL cluster
     Properties:
       DeletionProtectionEnabled: false
       Tags:
         - Key: project
-          Value: "apigw-lambda-dsql"
+          Value: "apigw-lambda-dsql"  
 
 Outputs:
   # ServerlessRestApi is an implicit API created out of Events key under Serverless::Function