Joel, thanks for reaching out. This sounds interesting, I bet there are many who
would benefit from IAM-based authentication. If you haven't yet, could you request a
Jira account? Someone will be able to approve it almost immediately if you don't have
one yet. https://selfserve.apache.org/jira-account.html For discussing/reviewing the
implementation, I'd make the repos public and create a ticket under the database [1]
and driver [2] projects with a description and source link to start. For new feature
proposals, we'll usually open with a discuss thread as you've started here. That
discussion will gauge receptivity and whether to proceed by acclamation; or whether
the proposal is significant enough in scope to warrant a CEP doc and vote thread [3].
Cheers, – Scott [1] http://issues.apache.org/jira/browse/CASSANDRA [2]
http://issues.apache.org/jira/browse/CASSJAVA [3]
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=95652201 On Mar 4,
2025, at 12:48 PM, Joel Shepherd <sheph...@amazon.com> wrote: Hi - I have a
side project that provides client- and node-side Java plug-ins to enable
client-to-node authentication based on AWS identities. This would, for example,
enable clients to use EC2 instance roles to authenticate to Cassandra nodes, or use
ordinary IAM keys/secret keys. The client needs to be able to obtain valid IAM
credentials to sign a request, and the node needs to be able to connect to a public
AWS Security Token Service (STS) endpoint. There are no other required AWS
dependencies, and (I believe) no changes required driver or node code: just minor
configuration updates. I'm seeking help in reviewing the concept and code. I'm new to
this community, so I'm looking for suggestions on how to best engage you on this. The
code (which is not quite production-ready) is in two private GitHub repos which I'm
happy to grant access to for early review. I can also provide documentation on the
approach: not sure whether that's best shared via this thread, a CEP, repo
documentation ... suggestions wanted. Thanks: I'd appreciate any and all help in
making these plug-ins available to the community. -- Joel.
