IAM Role-Based Auth Support for AWS RDS | Voters

IAM Role-Based Auth Support for AWS RDS

Sean Matt

The use of static credentials to establish a persistent database connection is against security best practices. 
Support for GCP IAM role-based auth has been added, AWS is more widely adopted than GCP. 
https://github.com/blockscout/blockscout/issues/9589
Extracting a DB connection string using AWS service account, as described by the AWS blog doesn't resolve the issue because such strings are invalidated every 15 minutes.
https://aws.amazon.com/ru/blogs/database/using-iam-authentication-to-connect-with-pgadmin-amazon-aurora-postgresql-or-amazon-rds-for-postgresql/
This is a library that seems promising for creating a IAM Role-Based connection for RDS. 
https://github.com/ex-aws/ex_aws
As a stakeholder in this initiative I'm actively working on an implementation. 
If a well tested solution that adheres to the coding standards of the project were made available as a PR, would it be possible to say that it could be included in the roadmap/upstreamed into the codebase within the next three to six months?

December 2, 2024

Mojmir

Thank you for your interest in Blockscout and this feature request. We are always open for community contributions so if someone would open a PR with such characteristics anytime next year, we would be open to upstream it into the codebase and include in the respective future release.