PostgreSQL Dynamic Account
Use this account type to connect PostgreSQL Snaps with data sources that use PostgreSQL accounts with secrets management support.
Overview
This account type supports integration with secrets management systems, enabling you to securely store and retrieve sensitive credentials such as passwords and access keys. Dynamic accounts can reference secrets stored in external vaults, providing enhanced security and centralized credential management.
Account settings
| Field/Field set | Type | Description |
|---|---|---|
| Label
|
Required. The name for the account.
We recommend that you update the account name if there is more than
one account in your project. Default value: N/A Example: PostgreSQL_Account_Type |
|
| Authentication method
|
Select the authentication method to
create your Postgres Account. The available options are:
Default value: User ID and password Example: IAM Auth |
|
| Account properties | Required. The account information required to create a connection to the PostgreSQL database. | |
| Hostname
|
Required. The PostgreSQL server's
address. Default value: N/A Example: acc-postgresql-us-test-rsd.amazonaws.com |
|
| Port number
|
Required. The port number to use to
make the server connection. Default value: 5432 Example: 5432 |
|
| Database name
|
Required. The name of the database
to which to connect. Default value: N/A Example: TestDB |
|
| Username
|
The username that is allowed to
connect to the database. This username will be used as the default
username when retrieving connections. The username must be valid in
order to set up the data source. Note: The Username is
mandatory for both the authentication types:
Default value: N/A Example: snapuser |
|
| Password
|
Required. The password associated
with the username listed above. The password must be valid in order
to set up the data source. Default value: N/A |
|
| JDBC Jars | The list of JDBC jar files that must be loaded for the account to work. | |
| JDBC driver
|
The JDBC driver that must be loaded
for the account to work. By default, this field has one row
populated. Click the + icon to add more rows. Default value: Default Driver postgres 42.7.2.jar Example: postgresql-9.3-1104.jdbc4.jar |
|
| JDBC driver class
|
The JDBC driver class that you want
to use with the account. Default value: org.postgresql.Driver |
|
| IAM properties | Appears when you select the IAM Auth for the Authentication method. Configure the IAM-related properties for IAM authentication. | |
| IAM role
|
Appears when you select the
IAM Auth for the
Authentication method. Select this checkbox to use the IAM role stored in the Groundplex EC2 instance. Note:
Default value: Deselected |
|
| AWS access key ID
|
Appears when you select the
IAM Auth for the
Authentication method and deselect
IAM role checkbox. Specify the AWS access key ID associated with your AWS account. Default value: N/A Example: ASIAEXAMPLE |
|
| AWS secret access key
|
Appears when you select the
IAM Auth for the
Authentication method and deselect
IAM role checkbox. Specify the Secret access key associated with your AWS authentication. Default value: N/A Example: wJalrXUtnFEMI/K7ENG/bPxRfiCEKEY |
|
| AWS security token
|
Appears when you select the
IAM Auth for the
Authentication method and deselect
IAM role checkbox. Specify the Security Token used to authenticate your requests to AWS services. Only global Security Token Service (STS) regions are supported. Default value: N/A Example: FQoGZXIvYXdzEFYaDO/7V77y1HTi1a0B7CK4AQpdKsNC6M/4X8e0fH4QE/... |
|
| AWS region
|
Appears when you select the
IAM Auth for the
Authentication method and select
IAM role checkbox. Specify the AWS region where the application is running. Default value: N/A Example: us-east-1 |
|
| Cross account IAM properties | Use this field set to configure the cross-account access. | |
| Role ARN
|
Specify the Amazon Resource Name
(ARN) of the role to assume. Default value: N/A Example: arn:aws:iam::61286491850:role/EC2_role |
|
| External ID
|
Specify an External ID that might be
required by the role to assume. Default value: N/A Example: 7542158 |
|
| Configure SSH Tunnel
|
Select this checkbox if Snap needs
to create an SSH tunnel to connect the Snaplex to the PostgreSQL
server. After the operation is completed, the tunnel is
closed. Note: This Account supports SSH-2 RSA / Ed25519
keys If you select true, you must provide the configuration details of the SSH tunnel. Default value: Deselected |
|
| SSH auth mode
|
Select an option to specify the mode
for authenticating the user on the SSH tunnel. This option is
available only if the Configure SSH Tunnel checkbox is selected. The
available options are:
Note: The PostgreSQL Account supports all popular
Public-key cryptography algorithms. Note: Do
not enable expressions in this field. If you enable an
expression, the other fields based on it might not be
available. Default value: Password Example: KeyFile |
|
| SSH hostname
|
Specify either the IP address or the
domain name of the SSH server to which you want to connect. Default value: None Example: SSH_Hostname |
|
| SSH username
|
Specify the SSH username for
connecting to the SSH tunnel. Default value: None Example: SSH_User |
|
| SSH password
|
Password for the
specified SSH username for connecting to the SSH tunnel. This field
is required if the SSH Auth Mode is
Password. Default value: None |
|
| Private key file URL
|
Specify the location of the keystore
file. This field is required if the SSH Auth
Mode is KeyFile (Private Key File). The file can be in SLDB, on the host machine that is hosting the JCC, or at any other remote location. For a local file, click to select the appropriate file using the file browser. You can also upload the file using any protocol such as https, ftp, sldb, and sftp. Default value: None Example: PK_File |
|
| Private key
|
Specify the private key for
authentication. This field is required if the SSH Auth
Mode is KeyFile (Private Key String). Default value: None Example: _PrivateKey |
|
| Private key passphrase
|
Specify the password is to be used
to access the Key File URL or to decrypt the Private Key. If no
value is provided, the keystore password is used. This field is
required if the SSH Auth Mode is
KeyFile. Default value: None |
|
| SSH port
|
Specify the SSH port to connect to
the PostgreSQL Server. Note: Ensure that there are no port
conflicts. Default value: None Example: 22222 |
|
| Advanced properties | Advanced properties associated with the PostgreSQL account type. | |
| Auto commit
|
Select this check box to commit
batches as soon as they are executed. If the Snap fails, only the
batch being executed at that moment is rolled back. Deselect the check box to commit Snap execution output only after all the batches are executed. If the Snap fails, the entire transaction is rolled back unless the Snap finds invalid input data before it sends the insert request to the server and routes the error documents to the Error view. Default value: Selected |
|
| Batch size
|
Required. The number of statements
to execute at a time. Note: Select queries are not
batched. Warning: Using a large batch size
could use up the JDBC placeholder limit of 2100. Default value: 50 Example: 20 |
|
| Fetch size
|
Required. The number of rows that
you want the Snap to fetch at a time when executing a query. Warning: Large values could cause the server to run out of
memory. Default value: 100 Example: 50 |
|
| Min pool size
|
Required. The minimum number of
connections that a pool should maintain at a time. Default value: 3 Example: 5 |
|
| Max pool size
|
Required. The maximum number of
connections that a pool should maintain at a time. Default value: 50 Example: 30 |
|
| Max lifetime (minutes)
|
Required. The maximum lifetime (in
minutes) of a connection in the pool. Ensure that the value you
enter is less than any database or infrastructure-imposed connection
time limit. A value of 0 indicates an infinite lifetime, subject to
the Idle Timeout value. Note: An in-use
connection is never retired. Connections are removed only after
they are closed. Default value: 30 Example: 50 |
|
| Idle timeout (minutes)
|
Required. The maximum amount of time
(in minutes) for which a connection is allowed to sit idle in the
pool. A value of 0 indicates that idle connections are never removed
from the pool. Default value: 5 Example: 10 |
|
| Checkout timeout (milliseconds)
|
Required. The number of milliseconds
for which the Snap waits for a connection to be available when the
pool is exhausted. A value of 0 indicates an infinite timeout. The Snap throws an exception after the wait time expires. Default value: 10000 Example: 8000 |
|
| URL properties | Use this fieldset to configure the URL that connects to your account. | |
| URL property name
|
The name of the URL property. Default value: N/A Example: socketTimeout |
|
| URL property value
|
The value of the URL property. Default value: N/A Example: 10 |
|
Troubleshooting
| Error | Reason | Resolution |
|---|---|---|
| JDBC driver hangs in case of a connection error | The default socketTime value in PostgreSQL accounts is 0. This causes the JDBC driver to hang if there are any connection errors. | To overcome this, configure the URL properties in Account settings with the following parameter and value: URL property name: URL property value: A SocketTimeout value of 10 ensures that the JDBC driver returns no connections after 10 seconds. |
| Timeout issue | A connection failure does not suspend the running PostgreSQL Pipelines if the timeout value is lesser than the time to process the query. | To overcome this issue, set the URL property socketTimeout with a longer time period than that of the longest expected query.
|
| SSL connection validation issue | When connecting to an SSL-enabled PostgreSQL account, the account fails in validation. | To overcome this, configure the URL properties in Account settings to establish an SSL connection with the following parameter and value:
|
Auto-commit with Execute Snaps
For a DB Execute Snap, assume that a stream of documents enters the input view of the Snap and the SQL statement property has JSON paths in the WHERE clause. If the number of documents is large, the Snap executes in more than one batches rather than executing one per each document. Each batch would contain a certain number of WHERE clause values. If Auto commit is turned on, a failure would only roll back the records in the current batch. If Auto commit is turned off, the entire operation would be rolled back. For a single execute statement (with no input view), the setting has no practical effect.