aws-samples / aws-secrets-manager-rotation-lambdas

Contains Lambda functions to be used for automatic rotation of secrets stored in AWS Secrets Manager
MIT No Attribution

Feature Request: Redshift Serverless Namespace admin user rotation #100

Open dontirun opened 1 year ago

dontirun commented 1 year ago

Summary:

Support admin user rotation for Redshift Serverless Namespaces using the update_namespace API

Details

Redshift Serverless separates out database (namespace) and compute (workgroup) into distinct resources. Generally a workgroup is associated with a namespace and a user will connect to the workgroup to query databases on the associated namespace. However, this association is mutable. A workgroup can be disassociated from a namespace, re-associated with a new namespace, or deleted.

This makes rotating users through a workgroup connection unreliable. That being said, Redshift Serverless offers an update_namespace API which can be used to update the Admin username/password combination.

It would be helpful to have a Rotation Lambda that leveraged that API for Admin user rotation.
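The `setSecret` step such a rotation function could use, shown as an added example that is not part of the issue or of the repository's code. It assumes the secret JSON carries `namespaceName`, `username` and `password` keys (hypothetical field names), that `sm_client` is a boto3 `secretsmanager` client and that `rs_client` is a boto3 `redshift-serverless` client.

```python
import json

# Assumed (hypothetical) secret layout:
# {"namespaceName": "...", "username": "...", "password": "..."}
REQUIRED_FIELDS = ("namespaceName", "username", "password")


def get_secret_dict(sm_client, secret_arn, stage, token=None):
    """Load one staged version of the secret and check the assumed fields."""
    kwargs = {"SecretId": secret_arn, "VersionStage": stage}
    if token:
        kwargs["VersionId"] = token
    secret = json.loads(sm_client.get_secret_value(**kwargs)["SecretString"])
    for field in REQUIRED_FIELDS:
        if not secret.get(field):
            raise KeyError(f"secret version {stage} is missing {field}")
    return secret


def set_secret(sm_client, rs_client, secret_arn, token):
    """setSecret step: push the AWSPENDING password to the namespace admin.

    Goes through the namespace API, so no workgroup connection is needed.
    Returns the namespace status reported by update_namespace.
    """
    current = get_secret_dict(sm_client, secret_arn, "AWSCURRENT")
    pending = get_secret_dict(sm_client, secret_arn, "AWSPENDING", token)

    # Refuse to repoint the rotation: a tampered AWSPENDING version must not
    # be able to reset the admin of a different namespace or rename the user.
    for field in ("namespaceName", "username"):
        if pending[field] != current[field]:
            raise ValueError(f"{field} differs between AWSCURRENT and AWSPENDING")

    # adminUsername and adminUserPassword are sent together in one call.
    response = rs_client.update_namespace(
        namespaceName=pending["namespaceName"],
        adminUsername=pending["username"],
        adminUserPassword=pending["password"],
    )
    # The later testSecret step can use this to wait until the change applies.
    return response["namespace"]["status"]
```

The execution role for this step needs permission for `redshift-serverless:UpdateNamespace` on the namespace in addition to the usual Secrets Manager rotation permissions.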

jbct commented 1 year ago

Thank you for the request, Arun. We've noted this as an enhancement request.

dontirun commented 7 months ago

It may be easier to do this now given that Secrets Manager has native support for secret rotation with Redshift Serverless.