This page summarizes the AlloyDB Language Connectors and how to use them with your clusters.
AlloyDB Language Connectors are libraries that provide automated mTLS with TLS 1.3 and Identity and Access Management (IAM) authorization when connecting to an AlloyDB for PostgreSQL instance. AlloyDB Language Connectors create authorized connections to the proxy-side server on behalf of a user's application and pass that connection to the application's database driver. They don't provide a network path to an AlloyDB instance if one is not already present.
AlloyDB supports the following AlloyDB Language Connectors:
You can use AlloyDB Language Connectors to connect to your AlloyDB cluster.
Benefits of AlloyDB Language Connectors
AlloyDB Language Connectors provide the following benefits when connecting to a AlloyDB cluster:
- Access control: Uses IAM (IAM) permissions to control who or what can connect to your AlloyDB instances.
- Convenience: Uses automatic mTLS to provides extended mutual security.
How AlloyDB Language Connectors work
AlloyDB Language Connectors use a client-side component to connect to a proxy server on the AlloyDB cluster. The connector creates a temporary certificate that authorizes the holder to connect to the server-side proxy. The server-side proxy limits access to the AlloyDB database by requiring a valid TLS certificate in order to connect.
You can use AlloyDB Language Connectors with private IP or public IP. AlloyDB Language Connectors default to a private IP connection. To connect to your AlloyDB cluster using AlloyDB Language Connectors, see Connect using the AlloyDB Language Connectors.
AlloyDB Language Connectors use built-in authentication by default. You can set up your AlloyDB Language Connectors to use Automatic IAM Authentication. For more information on how to enable this on your connection, see Connect using AlloyDB Language Connectors.
You can also to connect to a AlloyDB cluster using the AlloyDB Proxy. For more information about connecting to a AlloyDB cluster, see Connections.