"PostgreSQL 14, which shipped in 2021, defaults to a more secure password authentication scheme (SCRAM-SHA-256, for any nerds that have read this far without diving for their keyboards to correct my previous parenthetical). It also just so happens to break AWS Glue, their managed ETL (extract-transform-load) service, which cannot handle that authentication scheme."
"The deprecation didn't create this problem. It just removed the ability to avoid a problem that has existed for five years, unless you take on an additional maintenance burden or pay the Extended Support tax."
"when you move to a newer PostgreSQL on RDS, Glue's connection-testing infrastructure uses an internal driver that predates the newer authentication support. The "Test Connection" button - the thing you'd click to verify that your setup works before trusting it with production data - simply doesn't."
AWS ended standard support for PostgreSQL 13 on RDS, requiring customers to upgrade to PostgreSQL 14 or later to maintain support. PostgreSQL 14 defaults to SCRAM-SHA-256 authentication for improved security. However, AWS Glue, the managed ETL service, cannot handle this newer authentication scheme and fails with "Authentication type 10 is not supported" errors. This incompatibility between two AWS services creates a problematic situation for production environments. The issue has existed for five years but was previously avoidable by staying on PostgreSQL 13. Now customers must either accept the maintenance burden, pay for Extended Support, or face non-functional data pipeline tooling.
#aws-rds-postgresql #aws-glue-etl #database-authentication #production-infrastructure #service-compatibility
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]