I looked at that and I don’t think it is going to work with Quarkus, either way it seems some changes are needed in Polaris to support IAM authentication.
Fabio From: Yufei Gu <[email protected]> Date: Tuesday, 9 September 2025 at 23:00 To: [email protected] <[email protected]> Subject: Re: [EXTERNAL]Re: Aurora postgres passwordless DB Hi Rizzo, Did you check the aws-advanced-jdbc-wrapper, https://github.com/aws/aws-advanced-jdbc-wrapper? It provides a bunch of examples, including things like "Using the AWS IAM Authentication Plugin with DataSource", as well as support for HikariCP, c3p0, Spring. Unfortunately, I could find Quarkus was mentioned explicitly. I'd recommend giving it a try first. If the Quarkus datasource really limits the integration. We could think of using other data source libs, like HikariCP, DBCP, etc. Yufei On Tue, Sep 9, 2025 at 9:42 AM Dmitri Bourlatchkov <[email protected]> wrote: > Hi Fabio, > > What you describe is the current situation, indeed. > > However, it may be possible to improve without a great effort if Quarkus > supports your use case. > > How does this IAM authentication work for plain programs that use the > PostgreSQL JDBC driver? > > Thanks, > Dmitri, > > On Tue, Sep 9, 2025 at 12:28 PM Rizzo Cascio, Fabio > <[email protected]> wrote: > > > I meant in AWS being able to use IAM authentication instead of username > > and password. > > > > I did a bit of digging and deployed Polaris and Postgres in Minikube. > > For what I can see, Polaris in order to connect to Postgres needs the > > connection details in a k8 secret file. > > This is the object > > > {"relationalJdbc":{"secret":{"jdbcUrl":"jdbcUrl","name":null,"password":"password","username":"username"}},"type":"relational-jdbc”} > > > > Is that correct? Am I missing something? > > > > Thanks > > > > Fabio > > > > From: Dmitri Bourlatchkov <[email protected]> > > Date: Monday, 8 September 2025 at 15:02 > > To: [email protected] <[email protected]> > > Subject: [EXTERNAL]Re: Aurora postgres passwordless DB > > > > Hi Fabio, > > > > Polaris relies on Quarkus for JDBC datasource management [1]. > > > > By "passwordless" do you mean authentication based on the client's SSL > > certificate? > > > > I'd guess anything that a PostgreSQL driver can do, should be possible in > > Quarkus. Helm charts may need changes to expose the necessary config. > > > > [1] https://quarkus.io/guides/datasource > > > > Cheers, > > Dmitri. > > > > On Mon, Sep 8, 2025 at 8:18 AM Rizzo Cascio, Fabio > > <[email protected]> wrote: > > > > > Hi guys, > > > > > > I was trying to create use the helm chart and new image to deploy > Polaris > > > in our cluster (EKS). > > > We can’t use username and password, from what I can see in Polaris we > > only > > > support jdbc connections with username and password. > > > > > > What is the plan to support passwordless DBs? > > > > > > Thanks > > > > > > Fabio > > > > > > This message is confidential and subject to terms at: > > > https://www.jpmorgan.com/emaildisclaimer including on confidential, > > > privileged or legal entity information, malicious content and > monitoring > > of > > > electronic messages. If you are not the intended recipient, please > delete > > > this message and notify the sender immediately. Any unauthorized use is > > > strictly prohibited. > > > > > > > This message is confidential and subject to terms at: > > https://www.jpmorgan.com/emaildisclaimer including on confidential, > > privileged or legal entity information, malicious content and monitoring > of > > electronic messages. If you are not the intended recipient, please delete > > this message and notify the sender immediately. Any unauthorized use is > > strictly prohibited. > > > This message is confidential and subject to terms at: https://www.jpmorgan.com/emaildisclaimer including on confidential, privileged or legal entity information, malicious content and monitoring of electronic messages. If you are not the intended recipient, please delete this message and notify the sender immediately. Any unauthorized use is strictly prohibited.
