Using encrypted password for db connection
Hi all,
I want to ask if there is some way to use AES encrypted password for postgresql-db connection ? Due to security concerns we don't want to export our plain text password in server.json file, which is mandatory for building an API.
The goal is to use postgresql sql query in API. But right now this is our main blockpoint.
Thanks in advance for any kind of help
Best Answer
-
Hi,
Password encryption is not supported on the API node.
It's important to understand that password encryption is mostly here to prevent casual mistakes, and exporting passwords through API.
Fundamentally, DSS needs to be able to actually send the raw password, so DSS has the ability to decrypt the password, which means that the decryption key is also accessible. Meaning that for users who have shell level access to the DSS node, they can get to the decrypted password
Answers
-
How frequently the encryption/decryption keys are rotated in Dataiku ?