Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

IAM Authentication to RDS Aurora Serverless PostgreSQL Proxy (Non-Public)

0

I have a non-public DB Cluster & a Proxy (Aurora RDS PostgreSQL Serverless v2 13.7). It's in a VPC with private subnets. The Security Group is same for both Cluster and Proxy. Inbound rule allows TCP for Self Referenced Security Group on 5432 port. Outbound rule allows all traffic (0.0.0.0/0).

I have a Lambda function (Python) in the same VPC, subnets and Security Group. I have also created an IAM user and attached a Policy for rds-db:connect. Likewise, I have a similar policy attached to the Lambda also for rds-db:connect. I manually created this IAM user into PG database, but without password and attached rds_iam role.

However, I tried various ways to authenticate with the Proxy using IAM, but nothing seems to be working. I would really appreciate, if someone can please provide the code sample for this in Python. I am not even sure which certificate to use. Please help.

Temas
Sin servidorCálculoBase de datos
Etiquetas
Sin servidorAWS LambdaAurora PostgreSQL
Idioma
English
rePost-User-4110171
preguntada hace 2 años926 visualizaciones
1 Respuesta
0

From your query, I could understand that you wanted to authenticate RDS Aurora Serverless Postgresql proxy using IAM_Authentication. I would like to inform that currently Aurora Serverless (Both MySQL and PostgreSQL) does not support IAM DB authentication, this is also listed in the public facing documentation linked below:

[+] Using Amazon Aurora Serverless - Limitations of Aurora Serverless - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations

That being said, there is an existing feature request for incorporating the "IAM DB Authentication" for Aurora Serverless clusters. I have added your concern to justify the feature request indicating your interest in the availability of this feature. Meanwhile, I request you to keep an eye on our What's New[1] and Blog pages[2] for any new feature announcements.

References:

[1] https://aws.amazon.com/new/
[2] https://aws.amazon.com/blogs/aws/

AWS
Varaha Sai_A
respondido hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante