Open soham-dasgupta opened 11 months ago
@soham-dasgupta do you have cycles to work on this?
@tdcmeehan we have AWS STS (Security Token Service) in Advanced Identity that can help us to get the temporary credentials for EC2 instances to access AWS resources.
Presto currently supports connecting to Redshift using Username and Password. This raises security question if Presto is managed through CDK. Storing a username and password in a text file is not a good idea from security point of view.
Redshift can generate temporary credentials by using IAM authentication methods where the IAM role is passed using the JDBC connection URL. See Redshift Management Guide
Expected Behavior or Use Case
In addition to username password, Redshift connector should support JDBC URL that has IAM in it
Presto Component, Service, or Connector
Redshift Connector
Possible Implementation
N/A
Example Screenshots (if appropriate):
Context
We are using Presto to build a DPaaS (Data Platform as a Service) that has two components, Data producers and data consumers. Data producers are teams who would like to onboard their data stores to Presto to be used by data consumers. Data producers are not comfortable sharing username and password for their Redshift data warehouses and prefer IAM.