aws-secrets-manager-rotation-lambdas icon indicating copy to clipboard operation
aws-secrets-manager-rotation-lambdas copied to clipboard

Published 20 hours ago verified publisher icon aws-samples

Feature Request: Redshift Serverless Namespace admin user rotation

Open dontirun opened this issue 2 years ago • 2 comments

Summary:

Support admin user rotation for Redshift Serverless Namespaces using the update_namespace API

Details

Redshift Serverless separates out database (namespace) and compute (workgroup) into distinct resources. Generally a workgroup is associated with a namespace and a user will connect to the workgroup to query databases on the associated namespace. However, this association is mutable. A workgroup can be disassociated from a namespace, re-associated with a new namespace, or deleted.

This makes rotating users through a workgroup connection unreliable. That being said, Redshift Serverless offers an update_namespace API which can be used to update the Admin username/password combination.

It would be helpful to have a Rotation Lambda that leveraged that API for Admin user roatation

dontirun avatar Feb 27 '23 15:02 dontirun

Thank you for the request, Arun. We've noted this as an enhancement request.

jbct avatar Mar 06 '23 20:03 jbct

It may be easier to do this now given that Secrets Manager has native support for secret rotation with Redshift Serverless

dontirun avatar Mar 18 '24 21:03 dontirun