Storing passwords and other sensitive values in files using Runtime Resources

  • 17 January 2022
  • 0 replies
  • 35 views

Userlevel 4
Badge

In /var/lib/sdc/resources, you can have separate files for each of your different databases. If you wanted one for the user and one for the password for 3 databases, you would have 6 total files.

The contents of the files would be nothing more than the password or username. Be careful that you don't accidentally have a new line at the end of the file (vi's default operation adds one -- echo -n is a good way to ensure there isn't one).

 

Once the files are created, they should also be set to owner-only permissions using

chmod 600 <file>

 

In the StreamSets pipeline, you can reference these using the loadResource EL function:

${runtime:loadResource('<filename>', true)}

 

Most fields accept the runtime:loadResource expression, so you can use this as a way to externalize most configurations.

Documentation reference here.

 


This topic has been closed for comments