[
https://issues.apache.org/jira/browse/NIFI-15216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18040621#comment-18040621
]
ASF subversion and git services commented on NIFI-15216:
--------------------------------------------------------
Commit f24490e59ca2aba9bac606ca79e2c60eafc98f8b in nifi's branch
refs/heads/main from Pierre Villard
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=f24490e59c ]
NIFI-15216 Add support for AWS RDS IAM authentication in DBCP Connection Pool
(#10524)
- Added DatabasePasswordProvider interface to DBCP Service API
Signed-off-by: David Handermann <[email protected]>
> Add support for AWS RDS IAM authentication in DBCP Connection Pool
> ------------------------------------------------------------------
>
> Key: NIFI-15216
> URL: https://issues.apache.org/jira/browse/NIFI-15216
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Reporter: Pierre Villard
> Assignee: Pierre Villard
> Priority: Major
> Time Spent: 50m
> Remaining Estimate: 0h
>
> The goal is to add support for AWS RDS IAM Authentication when connecting
> over JDBC to an AWS RDS instance.
> [https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.Connecting.html]
> The approach is the following:
> - nifi-standard-services/nifi-dbcp-service-api
> -- Added org.apache.nifi.dbcp.api.DatabasePasswordProvider
> -- Added org.apache.nifi.dbcp.api.DatabasePasswordRequestContext
> - nifi-extension-utils/nifi-dbcp-base
> -- ProviderAwareBasicDataSource wraps commons‑dbcp BasicDataSource and pulls
> passwords from an injected DatabasePasswordProvider
> -- AbstractDBCPConnectionPool expose the new “Database Password Provider”
> property and forward the request context
> - nifi-aws-bundle/nifi-aws-processors
> -- org.apache.nifi.processors.aws.rds.AwsRdsIamDatabasePasswordProvider
> implements the API, uses the existing AWS credentials service, and generates
> IAM auth tokens per connection
> -- pom.xml now depends on nifi-dbcp-service-api (scope provided) so the
> controller service compiles against the shared API
> - nifi-aws-bundle/nifi-aws-nar
> -- Still depends only on nifi-aws-service-api-nar (which already drags in
> nifi-standard-shared-nar → nifi-standard-services-api-nar)
>
> Class-loader / NAR chain
> nifi-standard-services-api-nar
> ↳ contains nifi-dbcp-service-api.jar (DatabasePasswordProvider, etc.)
> nifi-standard-shared-nar
> ↳ depends on nifi-standard-services-api-nar
> nifi-aws-service-api-nar
> ↳ depends on nifi-standard-shared-nar (so it inherits the entire
> controller-service API set)
> nifi-aws-nar
> ↳ depends on nifi-aws-service-api-nar
> ↳ transitively inherits nifi-standard-shared-nar →
> nifi-standard-services-api-nar
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
