Resolving the 'Authentication Type 10 Not Supported' Error for Amazon QuickSight and Amazon RDS

Overview

In the realm of data analysis and visualization, tools like Amazon QuickSight and databases like Amazon RDS play crucial roles. However, sometimes, connecting these services can lead to unexpected errors, such as the ‘Authentication Type 10 Not Supported’ error. This error can disrupt your workflow and hinder your ability to access and analyze your data effectively. In this blog, we’ll dive into the common causes of this error and provide simple solutions to troubleshoot and resolve it, ensuring smooth connectivity between Amazon QuickSight and Amazon RDS for seamless data analysis experiences.

Introduction

Amazon QuickSight and Amazon RDS are two such services that play vital roles in data analysis. Amazon QuickSight provides powerful visualization capabilities, allowing users to gain insights from their data quickly.

On the other hand, Amazon RDS offers a managed database service, simplifying the setup, operation, and scaling of relational databases. Together, these services form a robust foundation for businesses to analyze their data effectively and make informed decisions.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Understanding the Error

Error Details: When attempting to connect Amazon QuickSight with Amazon RDS, users might encounter the following error message:

error

Underlying Causes of the Error

The errors happen because the way passwords are encrypted in newer versions of PostgreSQL has changed to something called SCRAM authentication. QuickSight uses a driver to connect, which doesn’t support the new encryption method “scram-sha-256”; it only supports the older “md5” encryption.

Before PostgreSQL 14, SCRAM authentication existed from version 10 onwards, but it wasn’t a problem for most because it wasn’t the default. It was something you had to choose to use. Now, with PostgreSQL 14, things are changing. Older versions are not supported anymore, and there’s a push for everyone to upgrade. This means old ways of encrypting passwords are replaced by SCRAM authentication, making it the primary method.

SCRAM Authentication

When you log in, the database client and server confirm they know the password without sharing it. They use a method called Salted Challenge and Responses, specifically SCRAM-SHA-256, following rules in RFC 7677. This makes it tough for someone to figure out the password.

This approach is tough against:

Guessing passwords from a list
Repeating previously captured login data
Stealing stored password codes

In summary, it makes breaking into an account with a password much more difficult.

Steps to Resolve the Authentication Error

To make sure new passwords are encrypted in a certain way in your RDS database, you can create a custom parameter group. Choose the family as aurora-postgresql14 and the type as DB Cluster Parameter group. Set a parameter called password_encryption to ‘md5’ in this group. Then, connect this parameter group to your cluster and restart the cluster so that the new settings apply.

After doing this, any new passwords you set will be encrypted using ‘md5’. But remember, the existing passwords will stick with the old encryption. If you want to update the encryption for those, you’ll need to change the password for the main user of the database.

Step 1: Create an Amazon RDS custom parameter group by selecting the parameter group family as aurora-postgresql14, and the type will be DB Cluster Parameter group.

step1

Step 2: Once created, Edit the Parameter group, set password_encryption to ‘md5’, and save it.

step2

Step 3: Select the Amazon RDS Database cluster. Click on modify and attach it to the cluster of the Amazon RDS database.

step3

Step 4: Select the option “Apply Immediately” and save it.

step4

Note – It will require a reboot. The changes are applied immediately

Step 5: Connect to the Amazon RDS Database and Update the password of the database master user

Command: ALTER USER postgres WITH PASSWORD ‘<enter your password here>’

Note: Any existing password will still be encrypted using previous encryption, and the new password will be encrypted using ‘md5’.

Conclusion

Following the step-by-step solutions outlined in this guide, you can overcome the ‘Authentication Type 10 Not Supported’ error and establish a successful connection between Amazon QuickSight and Amazon RDS. Streamlining this process ensures a smoother experience and unlocks the full potential of your data visualization and analysis.

Drop a query if you have any questions regarding Authentication Error and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

Accelerated cloud migration
End-to-end view of the cloud environment

Get Started

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, and many more.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.

FAQs

1. What does the 'Authentication Type 10 Not Supported' error mean?

ANS: – This error indicates a mismatch in authentication types between Amazon QuickSight and Amazon RDS. It suggests that the driver does not support the configured authentication scheme.

2. How can I check and configure the pg_hba.conf file to resolve the error?

ANS: – Access your PostgreSQL server’s pg_hba.conf file and ensure it includes the client’s IP address or subnet. Adjust the authentication scheme to align with the driver’s requirements.

3. Why is resolving this authentication error crucial for Amazon QuickSight and Amazon RDS connection?

ANS: – Resolving the error ensures a secure and supported connection, allowing for seamless data visualization and analysis in Amazon QuickSight by establishing compatibility between the authentication types used by Amazon QuickSight and Amazon RDS.

WRITTEN BY Aritra Das

Aritra Das works as a Research Associate at CloudThat. He is highly skilled in the backend and has good practical knowledge of various skills like Python, Java, Azure Services, and AWS Services. Aritra is trying to improve his technical skills and his passion for learning more about his existing skills and is also passionate about AI and Machine Learning. Aritra is very interested in sharing his knowledge with others to improve their skills.