search

mothership / rds-auth-proxy

A "passwordless" login experience for your AWS RDS
https://mothership.github.io/rds-auth-proxy/
MIT License
35 stars 5 forks source link

Aws redshift proxy #16

Open JacobJohansen opened 2 years ago

JacobJohansen commented 2 years ago

adds the ability to proxy redshift to the client; depends on aws auth client proxy only

mothershipper commented 2 years ago

This is awesome!

It may take me a week or two to merge, there are a couple things I'd like to address outside of this PR and then rebase this on top of that -- the primary concern is just around making it easier to extend/add other engines (we've been thinking about adding elasticache/redis support).

There are a couple things we need to work out to make it happen:

  1. For the client TUI, we probably need a way to segment by the kind of resource being accessed, i.e. rds-auth-proxy postgres client, rds-auth-proxy redis client so we spawn the right kind of proxy.
  2. For the both the server/client, we're going to want a way to enable/disable engines, so you don't have to overload an IAM user or role with permissions if you don't want to enable the engine.
  3. We probably want to avoid clobbering target names, we're already at risk of doing that if the user manually specifies a target in the config - it just becomes more likely as we add more engines.