Duckdb driver should look for credentials in the default provider chain for AWS S3

cube-js / cube

📊 Cube — Universal semantic layer platform for AI, BI, spreadsheets, and embedded analytics

https://cube.dev

Other

17.96k stars 1.78k forks source link

Duckdb driver should look for credentials in the default provider chain for AWS S3 #8920

Open GabeInDevOps opened 2 weeks ago

GabeInDevOps commented 2 weeks ago

Rather than needing to create, manage and pass an AWS Access and Secret key for the Duckdb driver to read from S3, it should look for credentials in the default provider chain. This is best practice and helps increase the security posture of Cube.

This can be fixed by running the following against duckdb:

CREATE SECRET (
      TYPE S3,
      PROVIDER CREDENTIAL_CHAIN
  );