k3s-io/kine

feat: IAM database authentication

a7i opened this issue · 4 comments

a7i commented

Support IAM database authentication: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html

kine only supports username/password or cert-based auth, which makes it a bit challenging for organizations with compliance to use short-lived credentials. Supporting IAM database auth eases the rotation and management of credentials.

Can you suggest any golang mysql or postgres drivers that support this? It looks fairly non-trivial to enable, as credentials are currently part of the datastore dsn and we leave their extraction up to the driver.

a7i commented

Hey @brandond I see, I did not realize that kine just relies on the drivers (it makes sense). So I would need to make the change in this driver: https://github.com/go-sql-driver/mysql

and github.com/jackc/pgx for postgres

a7i commented

Thanks @brandond 🎉, I'll go ahead and close this issue then.
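The thread notes that credentials live inside the datastore DSN and are parsed by the driver. As an added example (not code from kine or from either driver), this sketch uses the standard library's `driver.Connector` and `sql.OpenDB` to rebuild the DSN with a fresh token for each new connection; `iamConnector`, `recordDriver`, `counterToken`, the host name and the token values are hypothetical or constructed stand-ins.

```go
package main

import (
	"context"
	"database/sql"
	"database/sql/driver"
	"fmt"
	"net/url"
)

// iamConnector (hypothetical) asks for a fresh token on every new connection.
type iamConnector struct {
	drv            driver.Driver
	user, host, db string
	token          func(context.Context) (string, error) // stand-in for the IAM token call
}

func (c *iamConnector) Driver() driver.Driver { return c.drv }

func (c *iamConnector) Connect(ctx context.Context) (driver.Conn, error) {
	tok, err := c.token(ctx)
	if err != nil || tok == "" {
		return nil, fmt.Errorf("no usable auth token (err=%v), refusing to dial", err)
	}
	// url.UserPassword escapes the token so it cannot break out of the userinfo part.
	u := url.URL{Scheme: "postgres", User: url.UserPassword(c.user, tok), Host: c.host,
		Path: "/" + c.db, RawQuery: "sslmode=verify-full"}
	return c.drv.Open(u.String())
}

// recordDriver is a constructed stand-in for a real driver; it only records DSNs.
type recordDriver struct{ seen []string }

func (d *recordDriver) Open(dsn string) (driver.Conn, error) {
	d.seen = append(d.seen, dsn)
	return nil, fmt.Errorf("recordDriver: no database behind this example")
}

// counterToken returns a constructed token source whose value changes per call.
func counterToken() func(context.Context) (string, error) {
	n := 0
	return func(context.Context) (string, error) { n++; return fmt.Sprintf("token-%d", n), nil }
}

func main() {
	rd := &recordDriver{}
	db := sql.OpenDB(&iamConnector{drv: rd, user: "kine", host: "db.example.internal:5432", db: "kine", token: counterToken()})
	defer db.Close()
	_, _ = db.Ping(), db.Ping() // each dial attempt asks for a new token
	fmt.Println(rd.seen)
}
```

Because the pool calls `Connect` whenever it opens a new physical connection, an expired token only affects connections that are already closed or being replaced, never the next dial.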