alexey.rassokhin/tet123
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

DBZ-4710: fix replication role check on RDS Postgres

Browse Source 
According to Debezium documentation[1], on AWS RDS, the `rds_replication` role
is enough to read the wal_log. However, on the connection validation step,
this case is omitted and the connector cannot start. The issue is pressent
starting at least v1.4.x.Final.

[1] https://debezium.io/documentation/reference/1.8/connectors/postgresql.html#postgresql-on-amazon-rds
This commit is contained in:
Andrei Isac 2022-02-07 14:26:56 +01:00 committed by Gunnar Morling
parent 292f39bb34
commit 4dee34922e
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
debezium-connector-postgres/src/main/java/io/debezium/connector/postgresql/PostgresConnector.java
View File

@ -118,12 +118,17 @@ protected void validateConnection(Map<String, ConfigValue> configValues, Configu
" FROM pg_catalog.pg_auth_members m" +
" JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid)" +
" WHERE m.member = r.oid), 'rdsrepladmin') AS BOOL) IS TRUE AS aws_repladmin" +
", CAST(array_position(ARRAY(SELECT b.rolname" +
" FROM pg_catalog.pg_auth_members m" +
" JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid)" +
" WHERE m.member = r.oid), 'rds_replication') AS BOOL) IS TRUE AS aws_replication" +
" FROM pg_roles r WHERE r.rolname = current_user",
connection.singleResultMapper(rs -> rs.getBoolean("rolcanlogin")
&& (rs.getBoolean("rolreplication")
|| rs.getBoolean("aws_superuser")
|| rs.getBoolean("aws_admin")
|| rs.getBoolean("aws_repladmin")),
|| rs.getBoolean("aws_repladmin")
|| rs.getBoolean("aws_replication")),
"Could not fetch roles"))) {
final String errorMessage = "Postgres roles LOGIN and REPLICATION are not assigned to user: " + connection.username();
LOGGER.error(errorMessage);