I would like the developers of the Power BI desktop and service to add an option for authenticating to a PostgreSQL database using a custom client certificate. See https://www.postgresql.org/docs/current/auth-cert.html and https://www.postgresql.org/docs/current/ssl-tcp.html#SSL-CLIENT-CERTIFICATES for more details. Besides simply being an improvement to Power BI in general, let me explain why this new authentication method would help me.

I control a PostgreSQL database running in AWS EC2. I want to connect some Power BI reports to this database, but I do not want to open the database up for public access where anyone can try to brute force username/password combinations. I am okay with opening the database up for public access using the stronger protocol of client certificate authentication (username + valid SSL certificate with CN matching the username). I have other applications that already connect to the database in this way.

Since Power BI does not support using client certificate authentication, the only workaround I can see is to install the gateway application on a VM so that all PostgreSQL queries are funneled through this gateway. Therein lies another problem: the gateway cannot be installed on a Linux server; it needs a Windows VM. This would incur additional costs and it just isn't ideal or clean.

I also researched the possibility of explicitly whitelisting all the required Power BI service IP addresses, but I found this problem relatively intractable as well. Because the Power BI service IPs are apparently dynamic and plentiful.

Thank you,

Cameron Vogt