Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IAM Auth for RDS #3479

Merged
merged 15 commits into from
Dec 17, 2024
Merged

IAM Auth for RDS #3479

merged 15 commits into from
Dec 17, 2024

Conversation

pablonyx
Copy link
Contributor

@pablonyx pablonyx commented Dec 15, 2024
edited
Loading

Description

Fixes https://linear.app/danswer/issue/DAN-1190/iam-auth-for-the-postgres-database-aws-aurora-specifically

How Has This Been Tested?

  • Regular Postgres environment
  • RDS environment (multi tenant set up)
  • Locally with Aurora Cluster with IAM role
  • Docker compose with monuting the certificate / assigning the IAM role

Accepted Risk (provide if relevant)

N/A

Related Issue(s) (provide if relevant)

N/A

Mental Checklist:

  • All of the automated tests pass
  • All PR comments are addressed and marked resolved
  • If there are migrations, they have been rebased to latest main
  • If there are new dependencies, they are added to the requirements
  • If there are new environment variables, they are added to all of the deployment methods
  • If there are new APIs that don't require auth, they are added to PUBLIC_ENDPOINT_SPECS
  • Docker images build and basic functionalities work
  • Author has done a final read through of the PR right before merge

Backporting (check the box to trigger backport action)

Note: You have to check that the action passes, otherwise resolve the conflicts manually and tag the patches.

  • This PR should be backported (make sure to check that the backport attempt succeeds)

@vercel Vercel
Copy link

vercel bot commented Dec 15, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
internal-search ✅ Ready (Inspect) Visit Preview 💬 Add feedback Dec 17, 2024 9:28pm

@pablonyx pablonyx changed the title k IAM Auth for RDS Dec 15, 2024
rkuo-danswer
rkuo-danswer reviewed Dec 17, 2024
View reviewed changes
backend/alembic/env.py Outdated
dialect: Any, conn_rec: Any, cargs: Any, cparams: Any
) -> None:
if USE_IAM_AUTH:
region = os.getenv("AWS_REGION", "us-east-2")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems a bit sketchy to hardcode this

Copy link
Contributor Author

@pablonyx pablonyx Dec 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! Meant to put in configs

deployment/docker_compose/docker-compose.dev.yml Outdated
@@ -300,7 +314,7 @@ services:
max-file: "6"

indexing_model_server:
image: onyxdotapp/onyx-model-server:${IMAGE_TAG:-latest}
image: onyxdotapp/onyx-model-server-indexing:${IMAGE_TAG:-latest}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are the extra indent spaces here a glitch or intentional?

@pablonyx pablonyx enabled auto-merge December 17, 2024 21:26
@pablonyx pablonyx added this pull request to the merge queue Dec 17, 2024
Merged via the queue into main with commit 8db6d49 Dec 17, 2024
12 of 13 checks passed
aronszanto pushed a commit to aronszanto/onyx that referenced this pull request Dec 23, 2024
@pablonyx
IAM Auth for RDS (onyx-dot-app#3479)
465a4ed 
* k

* functional iam auth

* k

* k

* improve typing

* add deployment options

* cleanup

* quick clean up

* minor cleanup

* additional clarity for db session operations

* nit

* k

* k

* update configs

* docker compose spacing
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rkuo-danswer rkuo-danswer rkuo-danswer approved these changes

Assignees
No one assigned
Labels
Needs Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pablonyx @rkuo-danswer