Sign up to take part
Registered users can ask their own questions, contribute to discussions, and be part of the Community!
Registered users can ask their own questions, contribute to discussions, and be part of the Community!
When I setup an AWS S3 data connection in DSS 9.0.1, if I select "Freely usable by: Every analyst", but "Details readable by: Nobody", users can still see all the details of the connection (even the clear text credentials) with code if they create a notebook and print the contents of the "remote-run-env-def.json" file in the notebook home directory.
Is this expected behavior? How is the "Details readable by: Nobody" option supposed to work?
Is there some other setting that's needed to obfuscate the connection credentials from non-owners of the connection?
Operating system used: RHEL 7.9
Hi,
These settings are only fully effective when DSS is configured with User Isolation enabled (https://doc.dataiku.com/dss/latest/user-isolation/).
Without User Isolation, user workloads run as the same UNIX user as the Dataiku server, and users can thus directly read the config, making these protections not effective.
Hi,
These settings are only fully effective when DSS is configured with User Isolation enabled (https://doc.dataiku.com/dss/latest/user-isolation/).
Without User Isolation, user workloads run as the same UNIX user as the Dataiku server, and users can thus directly read the config, making these protections not effective.
Thank you for the explanation!