Add AWS IAM PostgreSQL passwordless authentication support #379
Conversation
- Add postgres-passwordless module with IAM authentication - Update database module to support IAM authentication options - Add variables for enabling postgres passwordless mode - Update main module integration for postgres passwordless This enables PostgreSQL database authentication using AWS IAM instead of traditional username/password authentication.
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
1 similar comment
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
- Apply terraform fmt to align with CI/CD formatting requirements - Fix alignment in locals.tf for database module references - Fix alignment in main.tf for database module parameters - Fix alignment in modules/database/main.tf
Documentation will be added separately in future PR
There was a problem hiding this comment.
The postgres-passwordless module does not seem to be used here. We are just deploying normal postgres in this.
The approach is also not similar to general use case. Look like we are creating an VM and running postgres using docker.
We should use a RDS instance for this.
raviharshicorp
force-pushed
the
pravi/IND-5776
branch
2 times, most recently
from
2ebf76b to
f36dc79
Compare
…s authentication - Add postgres_iam_policy_arn output to service_accounts module - Add database_endpoint, database_name, database_username, database_password outputs to root module - Remove all Redis IAM authentication code to keep this branch PostgreSQL-only
raviharshicorp
force-pushed
the
pravi/IND-5776
branch
from
d235fd3 to
b7ecd6f
Compare
…module call This fixes the module reference errors by removing Redis AWS IAM variables that no longer exist in the PostgreSQL-only terraform-random-tfe-utility branch.
- Add IAM authentication variables to service_accounts/variables.tf - Add PostgreSQL IAM policy resource and attachment to service_accounts/main.tf - Fixes PostgreSQL passwordless authentication support for FDO tests
- Fixes missing variable support for Redis IAM authentication - Required for PostgreSQL passwordless authentication tests
- Change local file paths back to git::https:// URLs for CI compatibility - Ensures modules can be downloaded in CI environment - Fixes 'no such file or directory' errors in release tests
- Add redis_enable_iam_auth variable for Redis IAM authentication control - Add db_iam_username variable for PostgreSQL IAM username specification - Required for PostgreSQL passwordless authentication tests
raviharshicorp
force-pushed
the
pravi/IND-5776
branch
2 times, most recently
from
93770b3 to
36709ca
Compare
2 participants
Background
This enables PostgreSQL database authentication using AWS IAM instead of traditional username/password authentication.
Relates OR Closes https://github.com/hashicorp/terraform-enterprise/pull/3079
How Has This Been Tested
CI/CD: https://github.com/hashicorp/terraform-enterprise/actions/runs/18079265431/job/51440243884