Improve AWS resource connection security

Hey. From a security standpoint, we want to avoid any occurrences of long-lived credentials. Today, Retool supports assuming a role for AWS resource connection, but it still requires us to provide a long-lived IAM user's access/secret key pair.

For the cloud-hosted option, it'd be much nicer if there was a Retool-owned principal that we could authorize by it presenting its own external ID. This is an approach adopted by a lot of AWS partners. See related documentation here: "How to use an external ID when granting access to your AWS resources to a third party" (AWS Identity and Access Management).

In a self-hosted setup, it'd be much nicer to be able to leverage an EC2 instance's own instance profile to later run assumeRole calls without ever needing to supply long-lived creds.

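An added example, not part of the original post and not Retool's code: a Python check that flags role trust policies letting a principal from another account call `sts:AssumeRole` without an `sts:ExternalId` condition, the control the post asks for, and that leaves an EC2 instance-profile role alone. The account IDs, the external ID value, and the names `trust_policy` and `missing_external_id` are constructed for illustration.

```python
# Constructed samples: account IDs and the external ID value are placeholders.
OWN_ACCOUNT = "111122223333"
VENDOR_ROOT = "arn:aws:iam::999988887777:root"

def trust_policy(principal, condition=None):
    """Build a one-statement role trust policy for the samples below."""
    stmt = {"Effect": "Allow", "Principal": principal, "Action": "sts:AssumeRole"}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

WITH_EXTERNAL_ID = trust_policy(
    {"AWS": VENDOR_ROOT}, {"StringEquals": {"sts:ExternalId": "example-external-id"}})
WITHOUT_EXTERNAL_ID = trust_policy({"AWS": VENDOR_ROOT})
# Self-hosted case: the role is assumed by EC2 itself via the instance profile.
INSTANCE_PROFILE_ROLE = trust_policy({"Service": "ec2.amazonaws.com"})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    """Account ID from an IAM ARN or a bare 12-digit ID, else None (e.g. "*")."""
    if principal.startswith("arn:"):
        parts = principal.split(":")
        return parts[4] if len(parts) > 4 else None
    return principal if len(principal) == 12 and principal.isdigit() else None

def missing_external_id(policy, own_account):
    """Return external AWS principals allowed to assume the role with no
    StringEquals condition on sts:ExternalId."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not actions & {"sts:assumerole", "sts:*", "*"}:
            continue
        # Only an exact StringEquals match enforces the ID; *IfExists variants do not.
        required = stmt.get("Condition", {}).get("StringEquals", {})
        if any(key.lower() == "sts:externalid" for key in required):
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        findings += [p for p in aws if _account_of(p) != own_account]
    return findings

if __name__ == "__main__":
    for name in ("WITH_EXTERNAL_ID", "WITHOUT_EXTERNAL_ID", "INSTANCE_PROFILE_ROLE"):
        print(name, missing_external_id(globals()[name], OWN_ACCOUNT))
```

The same function can be run over the `AssumeRolePolicyDocument` of each role in an account to find third-party trust relationships that lack an external ID.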