Use token as password of a PostgreSQL connection and modify it when the token expires, can this be done by a MFlow plugin? #11971
Ferdinanddb
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am running MLflow on an AKS cluster and I did the necessary so that it is connected to an Azure PostgreSQL Flexible server (to store the metadata) and an Azure storage account (to store the artifacts).
It is working fine, but my ultimate goal is to connect to the PostgreSQL server using an UAMI (Azure managed identity). The advantage of doing so is that, instead of using a password, we ask for a token that expires one hour after, and we perform the operations we want using the token as the password: no need to rotate the password anymore.
I did something similar with Airflow using an
AirflowPlugin
and thesqlalchemy
decoratorevent.listens_for(..., "do_connect")
.My goal would be to do the same with MLflow, to resume: have some code that would replace the password of the connection with the token value and is executed each time there is an attempt to connect to the PostgreSQL server.
I am not familiar with the MLflow plugins, and I have difficulties to understand their purposes, but are they intended to answer this kind of problem?
If yes, I have the feeling that I should create a class as a child of this
SqlAlchemyStore
class and add my function with my decorator so that the password gets modified whenever the function runs (i.e. each time there is a "do_connect" operation).If not, what would be the other way to leverage token authentication instead of password authentication?
Thanks if you can help!
Beta Was this translation helpful? Give feedback.
All reactions