While I was working with AWS RDS Databases as part of my Devops journey, I used RDS databases and storing secrets for those DBs was efficient & easier with AWS Secrets Manager.
How do You & I feel, when the same feature has been introduced for the newly famous AWS Redshift Serverless Datawarehouse? Well, in my opinion, if we are using a service inside AWS, you have a feature from another service to compliment the former, then go with that, if it suits your requirement & budget
2 Ways to manage secrets for Amazon Redshift Serverless
Well, below 2 ways can be used to handle connect to an Amazon Redshift Serverless Database
1) We can use IAM User credentials to connect Or
2) Use secrets in AWS Secrets Manager to hold database credentials
If latter, then Secrets are created in 2 different ways as below.
From Redshift Serverless
A secret is auto generated when the Amazon Redshift Serverless default namespace is created
From Secrets Manager
A secret can be created inside AWS Secrets Manager, with secret type "Credentials for Amazon Redshift data warehouse" and most importantly, a tag key starting with 'Redshift'. Most importantly map the namespace with which this secret has to be associated with
To demonstrate, here, I have created a free trial version of "Amazon Redshift Serverless" to integrate with "AWS Secrets Manager" to create & store username and password for connecting with Amazon Redshift Serverless !!
Step 1
Firstly, Redshift Serverless workspace has to be created with a workgroup. The below screenshot is an "In Progress" status of the same
Step 2
Now, check for the "Status" of the created workspace in "Serverless Dashboard" in the console. Status, as you are aware, should in "Available" state
Step 3
Moving to AWS Secret Manager, Secret creation, set the required username, password for Amazon Redshift Serverless as below. Also, note that, selection of "Workspace" can be made with the list of Redshift Serverless workspaces at the bottom
Step 4
Complete the creation of secret by either enabling "Auto Rotation", if necessary. Thus, secret creation is done
Below examples have name changes for secrets or workspaces
View secrets in AWS Secrets Manager
View the associations in Amazon Redshift Serverless
Connect to the Redshift Query Editor
Databases in the workgroup or namespace can be connected using secrets created earlier(as below)
Bonus
On launching/using Amazon Redshift Serverless, AWS is providing $300 USD credit for 3 month trial period, to explore the feature !! I got one too :-)
I am eager to know about fellow community builders' idea or exposure of using these services together. Do let me know in the comments !!
Top comments (0)