mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-10-31 10:39:30 +00:00
7d2f8dc2bb
* ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Changed intial implementation accordingly. Added better flexibility for different auth prodvider impl * ISSUE-11740: Clean up unnecessary classes * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Clean up unnecessary properties * ISSUE-11740: Code formatting * ISSUE-11740: Added support for the om service to connect to AWS RDS using IAM roles * ISSUE-11740: Moved docs to 1.2 version --------- Co-authored-by: artiom.darie <artiom.darie@adswizz.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
917 B
917 B
| title | slug |
|---|---|
| How to enable AWS RDS IAM Auth on postgresql | /how-to-guides/aws/index.md |
Aws resources on Rds IAM Auth
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html
Requirements
- AWS Rds Cluster with IAM auth enabled
- User on Db Cluster with iam enabled
- IAM policy with permission on rds connect
- Role with IAM policy attached
- IAM role attached to ec2 instance on which openmetadata is deployed or ServiceAccount/Kube2Iam role attached to pod
How to enable ADS RDS IAM Auth on postgresql
Set environment variables
AWS_ENABLE_IAM_DATABASE_AUTHENTICATION: true
AWS_REGION: your_region
DB_PARAMS: "allowPublicKeyRetrieval=true&sslmode=require&serverTimezone=UTC"
Either through helm (if deployed in kubernetes) or as env vars
Note
The DB_USER_PASSWORD is still required and cannot be empty. Set it to a random/dummy string.