@@ -68,6 +68,32 @@ def set_auth_properties(info: RedshiftProperty):
6868 _logger .debug ("boto3 version: {}" .format (Version (pkg_resources .get_distribution ("boto3" ).version )))
6969 _logger .debug ("botocore version: {}" .format (Version (pkg_resources .get_distribution ("botocore" ).version )))
7070
71+ # Check for IAM keys and AuthProfile first
72+ if info .auth_profile is not None :
73+ if Version (pkg_resources .get_distribution ("boto3" ).version ) < Version ("1.17.111" ):
74+ raise pkg_resources .VersionConflict (
75+ "boto3 >= 1.17.111 required for authentication via Amazon Redshift authentication profile. "
76+ "Please upgrade the installed version of boto3 to use this functionality."
77+ )
78+
79+ if not all ((info .access_key_id , info .secret_access_key , info .region )):
80+ raise InterfaceError (
81+ "Invalid connection property setting. access_key_id, secret_access_key, and region are required "
82+ "for authentication via Redshift auth_profile"
83+ )
84+ else :
85+ # info.put("region", info.region)
86+ # info.put("endpoint_url", info.endpoint_url)
87+
88+ resp = IdpAuthHelper .read_auth_profile (
89+ auth_profile = typing .cast (str , info .auth_profile ),
90+ iam_access_key_id = typing .cast (str , info .access_key_id ),
91+ iam_secret_key = typing .cast (str , info .secret_access_key ),
92+ iam_session_token = info .session_token ,
93+ info = info ,
94+ )
95+ info .put_all (resp )
96+
7197 if info .cluster_identifier is None and not info ._is_serverless :
7298 raise InterfaceError (
7399 "Invalid connection property setting. cluster_identifier must be provided when IAM is enabled"
@@ -124,32 +150,6 @@ def set_auth_properties(info: RedshiftProperty):
124150 if info .db_groups and info .force_lowercase :
125151 info .put ("db_groups" , [group .lower () for group in info .db_groups ])
126152
127- # Check for IAM keys and AuthProfile first
128- if info .auth_profile is not None :
129- if Version (pkg_resources .get_distribution ("boto3" ).version ) < Version ("1.17.111" ):
130- raise pkg_resources .VersionConflict (
131- "boto3 >= 1.17.111 required for authentication via Amazon Redshift authentication profile. "
132- "Please upgrade the installed version of boto3 to use this functionality."
133- )
134-
135- if not all ((info .access_key_id , info .secret_access_key , info .region )):
136- raise InterfaceError (
137- "Invalid connection property setting. access_key_id, secret_access_key, and region are required "
138- "for authentication via Redshift auth_profile"
139- )
140- else :
141- # info.put("region", info.region)
142- # info.put("endpoint_url", info.endpoint_url)
143-
144- resp = IdpAuthHelper .read_auth_profile (
145- auth_profile = typing .cast (str , info .auth_profile ),
146- iam_access_key_id = typing .cast (str , info .access_key_id ),
147- iam_secret_key = typing .cast (str , info .secret_access_key ),
148- iam_session_token = info .session_token ,
149- info = info ,
150- )
151- info .put_all (resp )
152-
153153 @staticmethod
154154 def read_auth_profile (
155155 auth_profile : str ,
@@ -185,8 +185,8 @@ def read_auth_profile(
185185 # 2nd phase - request Amazon Redshift authentication profiles and record contents for retrieving
186186 # temporary credentials for the Amazon Redshift cluster specified by end user
187187 response = client .describe_authentication_profiles (AuthenticationProfileName = auth_profile )
188- except ClientError :
189- raise InterfaceError ("Unable to retrieve contents of Redshift authentication profile from server" )
188+ except ClientError as e :
189+ raise InterfaceError (e )
190190
191191 _logger .debug ("Received {} authentication profiles" .format (len (response ["AuthenticationProfiles" ])))
192192 # the first matching authentication profile will be used
0 commit comments