Related JIRA: https://issues.apache.org/jira/browse/CASSANDRA-20416
Includes links to the draft code and more complete documentation of the
proposed approach.
Thanks -- Joel.
On 3/4/2025 12:48 PM, Joel Shepherd wrote:
Hi - I have a side project that provides client- and node-side Java
plug-ins to enable client-to-node authentication based on AWS
identities. This would, for example, enable clients to use EC2
instance roles to authenticate to Cassandra nodes, or use ordinary IAM
keys/secret keys. The client needs to be able to obtain valid IAM
credentials to sign a request, and the node needs to be able to
connect to a public AWS Security Token Service (STS) endpoint. There
are no other required AWS dependencies, and (I believe) no changes
required driver or node code: just minor configuration updates.
I'm seeking help in reviewing the concept and code. I'm new to this
community, so I'm looking for suggestions on how to best engage you
on this.
The code (which is not quite production-ready) is in two private
GitHub repos which I'm happy to grant access to for early review. I
can also provide documentation on the approach: not sure whether
that's best shared via this thread, a CEP, repo documentation ...
suggestions wanted.
Thanks: I'd appreciate any and all help in making these plug-ins
available to the community.
-- Joel.
