It’s amazing how often the ‘just use postgres‘ mental model works π
I’ve been implementing different methods of getting data in and out of Palantir Foundry.
A bunch of methods to get flat files into foundry
Today, let’s take look at the wonderful postgREST (I love this architecture philosophy note: Use a collection of sharp tools rather than building a big ball of mud )
First up, get a quick version of postgREST up and working. For illustrations purposes only. THIS IS SETUP IS NOT SECURE. THIS uses plain http to show connectivity. In production, web_anon should be SELECT-only and writes go through a JWT-authenticated role
Create a schema
create schema if not exists api;
Create roles
create role authenticator noinherit login password 'CHANGE_ME_STRONG';
create role web_anon nologin;
Grants
grant web_anon to authenticator;
grant usage on schema api to web_anon;
Table for testing
create table api.todos (
id serial primary key,
task text not null,
done boolean default false
);
Table Grants
grant select, insert, update, delete on api.todos to web_anon;
grant usage on sequence api.todos_id_seq to web_anon;
After creating users, roles, and a test schema + table. On an EC2 in the same network as the DB. A quick docker commanddocker run -d \
--name postgrest \
--restart unless-stopped \
-p 3000:3000 \
-e PGRST_DB_URI="postgres://authenticator:YOUR_PASSWORD@your-aurora-endpoint:5432/yourdb" \
-e PGRST_DB_SCHEMAS="api" \
-e PGRST_DB_ANON_ROLE="web_anon" \
-e PGRST_JWT_SECRET="your-jwt-secret-32-chars-or-more" \
-e PGRST_DB_POOL=10 \
postgrest/postgrest:v12.2.0
Test in postman (always test in postman)
Setup in Foundry
Use an agent so that you are in the same VPC
Create a simple webhook and test.
Create another simple webhook for testing the writes.
Create the JSON body (Using the @ symbol to set it to the input parameter)
Send a test POST message
Then use the previous GET webhook to check the write.
(Can also send Prefer: return=representation in the header) of the post
Michael Ellerbeck 