Ask Your Question

Seriously, I can't use Postgres in Amazon RDS?

asked 2018-05-05 19:31:00 -0600

salientdigital gravatar image

The PuppetDB config info says, in part:

Next, you will most likely need to modify the pg_hba.conf file to allow for MD5 authentication from at least localhost. To locate the file you can either issue a locate pg_hba.conf command (if your distribution supports it) or consult your distribution’s documentation for the PostgreSQL confdir.

Amazon RDS does not provide this feature, from what I can tell. Can I turn authentication off? I already have a beefy PostgreSQL server in Aurora and do not want to create another self-managed PostgreSQL install just for puppetdb if I don't have to.

Please advise how to use PostgreSQL in Amazon RDS / Aurora for PuppetDB. Thanks!

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted

answered 2018-05-07 03:56:20 -0600

Jeremiah Powell gravatar image

Are you hand installing PuppetDB? Then you already know you will have to create the schema and tables it expects beforehand.

If you look at the Puppet Enterprise documentation it shows how to setup the external database for an Amazon RDS or any other PostgreSQL instance that uses SSL certificates instead of md5 logins.

The key part is that your access URLs for PuppetDB will have to use SSL urls and your custom SSL certificates.

Here's the example for the pe-activity schema from that page:

"//<POSTGRESQL_SERVER_HOSTNAME>:5432/pe-activity?ssl=true&sslfactory=org.postgresql.ssl.jdbc4.LibPQFactory&sslmode=verify-full&sslrootcert=<PATH TO EXTERNAL POSTGRESQL CA CERT>"

This is best set through use of the PuppetDB classes and not by hand. Puppet Labs does make their modules to do this available Freely on the Puppet Forge.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2018-05-05 19:31:00 -0600

Seen: 173 times

Last updated: May 07