Redshift Authorizer
Overview
This package utilizes AWS SSM Parameter Store and federated authentication to Redshift via IAM to retrieve temporary and secure Redshift credentials. It then initiates a connection to Redshift using the pg-promise library.
Requirements
- An AWS IAM role with permission to call the GetClusterCredentials action
- Redshift connection information (minus a password) stored in SSM Parameter Store
Usage
const RedshiftAuthorizer = require('redshift-authorizer')
// Following suggested convention, prefix environment to your parameter names
const prefix = `/${process.env.NODE_ENV || 'production'}`
const db = RedshiftAuthorizer.getDbConnection(`${prefix}/redshift`)
.then(db => db.any('SELECT usesysid FROM pg_user LIMIT 1', [true]))
.then(console.log)
.catch(console.error)