Redshift feature: Include STS session token in COPY CREDENTIALS. #3307
Conversation
…ws_session_token is present, append the session token. Keeps IAM_ROLE path and long-lieved keys unchanged
Undo auto formatting changes
Remove blank line
Undo auto formatting changes
|
@rudolfix I've updated the code, linting should (hopefully) not be an issue any more. May you please re-run the pipeline? |
Use string concatenation instead of two separate branches
Fixed incorrect string concatenation
Explicitly use attribute
Use correct variable
rudolfix
left a comment
rudolfix
left a comment
There was a problem hiding this comment.
LGTM! last question: how do you pass STS to dlt? do you create configuration in code? could you paste code sample?
The last commit is required. I've done that on the train and is was all a bit messy. Now it works again. |
|
@rudolfix Is there something to be done, or will an autoformatter handle the rest? |
|
@timH6502 auto format will not fix the code after it is pushed. you need to do |
Change identation
|
@rudolfix Not sure what formatter/settings are required. However, the log indicates that only some identation had to be changed. Hope it works now. Black (default settings vscode plugin) would change lines 131, 132, 139 and 140. |
2 participants
Description
Enable Redshift COPY with temporary STS credentials by including the session token in the CREDENTIALS clause when present. If not provided, the old behavior is preserved.
Without the session token, COPY using temporary STS creds fails.
This only affects the S3 -> Redshift COPY path when credentials are temporary
More information can be found here:
https://docs.aws.amazon.com/redshift/latest/dg/copy-parameters-authorization.html
Specifically this section:
To use temporary token credentials, you must provide the temporary access key ID, the temporary secret access key, and the temporary token. The credentials-args string is in the following format.