
I read from: https://aws.amazon.com/blogs/database/using-the-data-api-to-interact-with-an-amazon-aurora-serverless-mysql-database/

The RDSDataService client also supports parameterized queries by allowing you to use placeholder parameters in SQL statements. Escaped input values permit the resolution of these parameters at runtime. Parameterized queries are useful to prevent SQL injection attacks.

But when I use it with Postgres and pass the string `myname's`, it breaks my SQL syntax. I am not sure how RDSDataService deals with SQL injection attacks as described in the documentation.

Could anyone help me explain this? And how do I handle SQL strings safely in this case?

UPDATED: Sorry, my bad. RDSDataService already escapes string literals when using parameterized queries.

Phan Việt

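The difference the update points at, shown as an added example (not code from the question or from the AWS blog post): splicing `myname's` into the SQL text produces an unbalanced literal, while the Data API `execute_statement` call carries the value as a typed parameter behind a `:name` placeholder. The cluster ARN, secret ARN and database name are placeholders, and `run` is only invoked when boto3 and credentials are present.

```python
"""Passing a value such as myname's through the RDS Data API as a bound
parameter instead of splicing it into the SQL text.

Illustrative code for this page; ARNs and database name are placeholders.
"""
from typing import Any

# Placeholders standing in for real identifiers (assumed, not from the page).
CLUSTER_ARN = "arn:aws:rds:REGION:ACCOUNT:cluster:PLACEHOLDER"
SECRET_ARN = "arn:aws:secretsmanager:REGION:ACCOUNT:secret:PLACEHOLDER"
DATABASE = "postgres"


def unsafe_sql(name: str) -> str:
    """What breaks: the apostrophe in myname's closes the literal early."""
    return f"SELECT id FROM users WHERE name = '{name}'"


def build_parameterized_request(name: str) -> dict[str, Any]:
    """Request shape for rds-data execute_statement with a named placeholder.

    The SQL text holds only the :name placeholder; the actual string travels
    separately as a typed parameter, so the Data API quotes it for the engine
    and the apostrophe never reaches the parser as syntax.
    """
    return {
        "resourceArn": CLUSTER_ARN,
        "secretArn": SECRET_ARN,
        "database": DATABASE,
        "sql": "SELECT id FROM users WHERE name = :name",
        "parameters": [
            {"name": "name", "value": {"stringValue": name}},
        ],
    }


def run(name: str) -> dict[str, Any]:
    """Sends the request when boto3 and AWS credentials are available."""
    import boto3  # imported lazily so the module loads without boto3

    client = boto3.client("rds-data")
    return client.execute_statement(**build_parameterized_request(name))


if __name__ == "__main__":
    print(unsafe_sql("myname's"))                          # unbalanced quotes
    print(build_parameterized_request("myname's")["sql"])  # placeholder only
```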