mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-07-29 20:30:19 +00:00
1.6 KiB
1.6 KiB
| title | description | slug | collate |
|---|---|---|---|
| How to enable AWS RDS IAM Auth | Official Documentation | Learn how to securely connect OpenMetadata to AWS RDS using IAM authentication with correct environment variables and configuration best practices. | /deployment/rds-iam-auth | false |
Aws resources on RDS IAM Auth
Requirements
- AWS RDS Cluster with IAM auth enabled
- User on DB Cluster with IAM enabled
- IAM policy with permission on RDS connect
- Role with IAM policy attached
- IAM role attached to an EC2 instance on which openmetadata is deployed or ServiceAccount/Kube2Iam role attached to pod.
How to enable ADS RDS IAM Auth on postgresql
Set the environment variables
DB_USER_PASSWORD: "dummy"
DB_PARAMS: "awsRegion=eu-west-1&allowPublicKeyRetrieval=true&sslmode=require&serverTimezone=UTC"
Either through helm (if deployed in kubernetes) or as env vars.
{% note %}
The DB_USER_PASSWORD is still required and cannot be empty. Set it to a random/dummy string.
{% /note %}
{% note %}
When using IAM authentication for AWS RDS, you must still provide a dummy value for the DB_PASSWORD environment variable. OpenMetadata automatically handles the IAM credentials internally. Ensure the following parameters are set for successful connection:
DB_PARAMS=awsRegion=us-east-1&allowPublicKeyRetrieval=true&serverTimezone=UTCDB_USE_SSL=true
These settings ensure proper token generation and secure communication with the RDS instance.
{% /note %}