Intreecom
[Feature request]: Handle AWS SigV4AuthProvider
Hello,
We are using scyllapy on our stack because of its asyncio complete integration. However, we deploy our application on an AWS stack with AWS Keyspace. Following the official AWS documentation it seems, we have two solutions for Cassandra authentication:
- create a dedicated user with username / password
- use aws-sigv4-auth-cassandra-python-driver-plugin
As it is, scyllapy does not seem to integrate auth_provider feature and this would be a great improvement in AWS integration.
Do you plan to integrate it in the future?
thanks!
Actually scyllapy supports connecting to AWS keyspaces already. Because we were using it with keyspaces.
The scylla class has parameters ssl_cert, ssl_key, ssl_ca_file and ssl_verify_mode.
To connect it to AWS keyspaces please initialize it as this:
import asyncio
from scyllapy import Scylla
from pathlib import Path
async def main():
cert = Path("sf-class2-root.crt").read_text()
scylla = Scylla(
["cassandra.eu-central-1.amazonaws.com:9142"],
username="Your given username",
password="Your secret key",
ssl_cert=cert,
)
await scylla.startup()
rows = await scylla.execute("SELECT * FROM system.local")
for row in rows.all():
print(row)
if __name__ == "__main__":
asyncio.run(main())
To download the certificate please follow this guide.
https://docs.aws.amazon.com/keyspaces/latest/devguide/using_python_driver.html
Thanks for your answer!
It will be really helpful to implement in our current stack :)
However, the idea would be to avoid basic username / password authentication but using AWS IAM instead.
I see now. Yes, this thing is not yet possible. We might try implementing it after we update the whole library. Because currently it needs a lot of rewrite since underlying scylla driver has been updated to first stable version.