Hi Fabio, feel free to propose the changes as needed. Yufei
On Wed, Sep 10, 2025 at 05:57 Rizzo Cascio, Fabio <[email protected]> wrote: > I looked at that and I don’t think it is going to work with Quarkus, > either way it seems some changes are needed in Polaris to support IAM > authentication. > > Fabio > > From: Yufei Gu <[email protected]> > Date: Tuesday, 9 September 2025 at 23:00 > To: [email protected] <[email protected]> > Subject: Re: [EXTERNAL]Re: Aurora postgres passwordless DB > > Hi Rizzo, > > Did you check the aws-advanced-jdbc-wrapper, > https://github.com/aws/aws-advanced-jdbc-wrapper? It provides a bunch of > examples, including things like "Using the AWS IAM Authentication Plugin > with DataSource", as well as support for HikariCP, c3p0, Spring. > Unfortunately, I could find Quarkus was mentioned explicitly. I'd recommend > giving it a try first. If the Quarkus datasource really limits the > integration. We could think of using other data source libs, like HikariCP, > DBCP, etc. > > Yufei > > > On Tue, Sep 9, 2025 at 9:42 AM Dmitri Bourlatchkov <[email protected]> > wrote: > > > Hi Fabio, > > > > What you describe is the current situation, indeed. > > > > However, it may be possible to improve without a great effort if Quarkus > > supports your use case. > > > > How does this IAM authentication work for plain programs that use the > > PostgreSQL JDBC driver? > > > > Thanks, > > Dmitri, > > > > On Tue, Sep 9, 2025 at 12:28 PM Rizzo Cascio, Fabio > > <[email protected]> wrote: > > > > > I meant in AWS being able to use IAM authentication instead of username > > > and password. > > > > > > I did a bit of digging and deployed Polaris and Postgres in Minikube. > > > For what I can see, Polaris in order to connect to Postgres needs the > > > connection details in a k8 secret file. > > > This is the object > > > > > > {"relationalJdbc":{"secret":{"jdbcUrl":"jdbcUrl","name":null,"password":"password","username":"username"}},"type":"relational-jdbc”} > > > > > > Is that correct? Am I missing something? > > > > > > Thanks > > > > > > Fabio > > > > > > From: Dmitri Bourlatchkov <[email protected]> > > > Date: Monday, 8 September 2025 at 15:02 > > > To: [email protected] <[email protected]> > > > Subject: [EXTERNAL]Re: Aurora postgres passwordless DB > > > > > > Hi Fabio, > > > > > > Polaris relies on Quarkus for JDBC datasource management [1]. > > > > > > By "passwordless" do you mean authentication based on the client's SSL > > > certificate? > > > > > > I'd guess anything that a PostgreSQL driver can do, should be possible > in > > > Quarkus. Helm charts may need changes to expose the necessary config. > > > > > > [1] https://quarkus.io/guides/datasource > > > > > > Cheers, > > > Dmitri. > > > > > > On Mon, Sep 8, 2025 at 8:18 AM Rizzo Cascio, Fabio > > > <[email protected]> wrote: > > > > > > > Hi guys, > > > > > > > > I was trying to create use the helm chart and new image to deploy > > Polaris > > > > in our cluster (EKS). > > > > We can’t use username and password, from what I can see in Polaris we > > > only > > > > support jdbc connections with username and password. > > > > > > > > What is the plan to support passwordless DBs? > > > > > > > > Thanks > > > > > > > > Fabio > > > > > > > > This message is confidential and subject to terms at: > > > > https://www.jpmorgan.com/emaildisclaimer including on confidential, > > > > privileged or legal entity information, malicious content and > > monitoring > > > of > > > > electronic messages. If you are not the intended recipient, please > > delete > > > > this message and notify the sender immediately. Any unauthorized use > is > > > > strictly prohibited. > > > > > > > > > > This message is confidential and subject to terms at: > > > https://www.jpmorgan.com/emaildisclaimer including on confidential, > > > privileged or legal entity information, malicious content and > monitoring > > of > > > electronic messages. If you are not the intended recipient, please > delete > > > this message and notify the sender immediately. Any unauthorized use is > > > strictly prohibited. > > > > > > > This message is confidential and subject to terms at: > https://www.jpmorgan.com/emaildisclaimer including on confidential, > privileged or legal entity information, malicious content and monitoring of > electronic messages. If you are not the intended recipient, please delete > this message and notify the sender immediately. Any unauthorized use is > strictly prohibited. >
