This website uses cookies. By clicking OK, you consent to the use of cookies. Read our cookie policy.
Accept
Reject
Community
Survey banner
Share your feedback on the Dataiku documentation with this 5 min survey. Thanks! TAKE THE SURVEY

Shared Secrets

Status: In the Backlog Submitted by Neuron on โ€Ž10-18-2022 07:14 PM

As we've been developing plugins and for other more exotic use cases, we've seen the need for shared secrets in Dataiku. Teams share account credentials or plugins may rely on some group based credential (e.g. Box JWT tokens for a "team account"). We hack around this using FTP type connections and parsing their secrets or an external secrets service which is harder to maintain. Group / shared secrets arent too far off as it is with Dataiku's great credentials handling, and this would be highly beneficial feature for collaboration and team based projects.

Comment
5 Comments
Turribeach
Neuron
Neuron
โ€Ž10-26-2022 07:27 PM

I support this too. We should really have a way to store shared secrets. At the moment what we do is that we create a Dataiku local account and use the user secrets for that account to store the shared secrets. This works as we use this account as the "runner" account to run project scenarios with a non-admin account which is only permissioned for each project. 

 

 

โ€Ž10-26-2022 07:27 PM

I support this too. We should really have a way to store shared secrets. At the moment what we do is that we create a Dataiku local account and use the user secrets for that account to store the shared secrets. This works as we use this account as the "runner" account to run project scenarios with a non-admin account which is only permissioned for each project. 

 

 

AshleyW
Dataiker
โ€Ž05-15-2023 06:37 PM

Thanks for your idea, @importpandas. Your idea meets the criteria for submission, we'll reach out should we require more information.

If youโ€™re reading this post and think it would be a great capability to add to Dataiku, be sure to kudos the original post! Feel free to leave a comment in the discussion about how this capability would help you or your team.

Take care,
Ashley

โ€Ž05-15-2023 06:37 PM
Status changed to: In the Backlog

Thanks for your idea, @importpandas. Your idea meets the criteria for submission, we'll reach out should we require more information.

If youโ€™re reading this post and think it would be a great capability to add to Dataiku, be sure to kudos the original post! Feel free to leave a comment in the discussion about how this capability would help you or your team.

Take care,
Ashley

johntarr
Level 3
โ€Ž09-07-2023 07:25 PM

Hoping this gets prioritized. 

We have several API calls and the developers are hardcoding the keys in the code (or at best placing them in the global variables for the project).

Can't put them in instance variables, or it exposes the key to all users.

โ€Ž09-07-2023 07:25 PM

Hoping this gets prioritized. 

We have several API calls and the developers are hardcoding the keys in the code (or at best placing them in the global variables for the project).

Can't put them in instance variables, or it exposes the key to all users.

importthepandas
Neuron
Neuron
โ€Ž09-07-2023 08:50 PM

@johntarr it's not pretty, but one hackaround we've implemented is to use an e.g. FTP connection and store your shared secrets as a json array there. then use dataiku apis to get the connection and its info/secrets for usage. it actually works well, but a dedicated secrets management module would be better.

โ€Ž09-07-2023 08:50 PM

@johntarr it's not pretty, but one hackaround we've implemented is to use an e.g. FTP connection and store your shared secrets as a json array there. then use dataiku apis to get the connection and its info/secrets for usage. it actually works well, but a dedicated secrets management module would be better.

tanguy
Neuron
Neuron
a month ago

I have a request closely related to this subject. So it's only natural I'm in favor of this product idea ๐Ÿ˜Š

Please note that this component should not be dependent on the Dataiku node (especially between Design and Automation) to avoid new releases when changing secrets.

a month ago

I have a request closely related to this subject. So it's only natural I'm in favor of this product idea ๐Ÿ˜Š

Please note that this component should not be dependent on the Dataiku node (especially between Design and Automation) to avoid new releases when changing secrets.

Labels

?
Labels (1)
Labels