Authentication Error When Setting Up App Via EKS With IRSA

0
I am trying to deploy an app using EKS, and setting up a Postgres database with AWS IAM authentication (IRSA). I have followed the documentation at https://docs.mendix.com/developerportal/deploy/private-cloud-storage-plans/#database-postgres-iam but am yet to have a working implementation. I have set up the prerequisites as directed: RDS database cluster with IAM authentication enabled an account with superuser and aws_iam privileges AWS IAM role with the proper permissions In my YAML configuration I have also followed the instructions to set the hostname, ports, service accounts, etc. Yet when I apply my config, I get an error: pq: PAM authentication failed for user \""<superusername>\""   I can access the database manually and can see the user with the roles. I have checked with AWS support and it seems like my resources on the AWS side are set up correctly. Would anyone have an idea what could be missing from my configuration or access?
asked
1 answers
0

Hi Daniel,

 

Please check if you have enabled aim authentication for the app's user in the database. Please find an example in line 35:

https://github.com/aws-ia/terraform-aws-mendix-private-cloud/blob/main/charts/mendix-installer/templates/mendix-installer-configmap.yaml#L35

 

Also, you can upgrade to the last Operator version since it fixed a PEM authentication-related issue:

https://docs.mendix.com/releasenotes/developer-portal/mendix-for-private-cloud/#2.20.1

 

If nothing works, you can spin the reference deployment, the above Github project, to check a working IRSA configuration.

 

Good luck!

Carlos.

answered