Allow callback in ConnectionPool to retrieve new password before connect attempt for RDS IAM Auth

[dspadea]

In order to support IAM-based authentication to AWS RDS databases, there should be a callback in the connection pool to allow getting a new password. The passwords generated via IAM have a short lifetime (15 minutes), so if a reconnect is required, it will fail if using the password initially given at pool creation. By supplying a callback before connecting, a new password can be obtained.

It's more or less got to do this after 15 minutes:

export DB_PASSWORD="$(aws rds generate-db-auth-token --region=$DB_AWS_REGION --hostname "$DB_HOST" --port $DB_PORT --username $DB_USER | xargs urlencode )"

The urlencoded string can then be added straight into the DATABASE_URL.

Some automatic support for this behavior would be a nice addition, as RDS is very popular. A callback is a good generic mechanism to support things that aren't supported in core, but maybe a use_aws_iam_auth helper (via a feature?) which automatically creates a callback for the above would be helpful.

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.Connecting.html

[dspadea]

sigh So I just went spelunking into the code and it looks like this would have to be a thing SQLx does, and I'm not seeing anything of the sort there.

What I do see is set_connect_options, which might have some potential, but I'm not seeing any event-based way to call it. It'd have to be more of a "spin up a thread and call it periodically with the new password" sort of setup, as far as I can tell?