Skip to content

IAM Auth for RDS#3479

Merged
pablonyx merged 15 commits intomainfrom
postgres_iam
Dec 17, 2024
Merged

IAM Auth for RDS#3479
pablonyx merged 15 commits intomainfrom
postgres_iam

Conversation

@pablonyx
Copy link
Copy Markdown
Contributor

@pablonyx pablonyx commented Dec 15, 2024
edited
Loading

Description

Fixes https://linear.app/danswer/issue/DAN-1190/iam-auth-for-the-postgres-database-aws-aurora-specifically

How Has This Been Tested?

  • Regular Postgres environment
  • RDS environment (multi tenant set up)
  • Locally with Aurora Cluster with IAM role
  • Docker compose with monuting the certificate / assigning the IAM role

Accepted Risk (provide if relevant)

N/A

Related Issue(s) (provide if relevant)

N/A

Mental Checklist:

  • All of the automated tests pass
  • All PR comments are addressed and marked resolved
  • If there are migrations, they have been rebased to latest main
  • If there are new dependencies, they are added to the requirements
  • If there are new environment variables, they are added to all of the deployment methods
  • If there are new APIs that don't require auth, they are added to PUBLIC_ENDPOINT_SPECS
  • Docker images build and basic functionalities work
  • Author has done a final read through of the PR right before merge

Backporting (check the box to trigger backport action)

Note: You have to check that the action passes, otherwise resolve the conflicts manually and tag the patches.

  • This PR should be backported (make sure to check that the backport attempt succeeds)

@vercel
Copy link
Copy Markdown

vercel bot commented Dec 15, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
internal-search ✅ Ready (Inspect) Visit Preview 💬 Add feedback Dec 17, 2024 9:28pm

@pablonyx pablonyx changed the title k IAM Auth for RDS Dec 15, 2024
rkuo-danswer
rkuo-danswer reviewed Dec 17, 2024
View reviewed changes
backend/alembic/env.py Outdated
dialect: Any, conn_rec: Any, cargs: Any, cparams: Any
) -> None:
if USE_IAM_AUTH:
region = os.getenv("AWS_REGION", "us-east-2")
Copy link
Copy Markdown
Contributor

@rkuo-danswer rkuo-danswer Dec 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems a bit sketchy to hardcode this

Copy link
Copy Markdown
Contributor Author

@pablonyx pablonyx Dec 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! Meant to put in configs

deployment/docker_compose/docker-compose.dev.yml Outdated

indexing_model_server:
image: onyxdotapp/onyx-model-server:${IMAGE_TAG:-latest}
image: onyxdotapp/onyx-model-server-indexing:${IMAGE_TAG:-latest}
Copy link
Copy Markdown
Contributor

@rkuo-danswer rkuo-danswer Dec 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are the extra indent spaces here a glitch or intentional?

@pablonyx pablonyx enabled auto-merge December 17, 2024 21:26
@pablonyx pablonyx added this pull request to the merge queue Dec 17, 2024
Merged via the queue into main with commit 8db6d49 Dec 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@rkuo-danswer rkuo-danswer rkuo-danswer approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Needs Review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pablonyx @rkuo-danswer