Using encrypted password for db connection

Solved!
Oscar
Level 3
Using encrypted password for db connection

Hi all,

I want to ask if there is some way to use AES encrypted password for postgresql-db connection ? Due to security concerns we don't want to export our plain text password in server.json file, which is mandatory for building an API.

The goal is to use postgresql sql query in API. But right now this is our main blockpoint.

Thanks in advance for any kind of help

1 Solution
Clรฉment_Stenac

Hi,

Password encryption is not supported on the API node.

It's important to understand that password encryption is mostly here to prevent casual mistakes, and exporting passwords through API.

Fundamentally, DSS needs to be able to actually send the raw password, so DSS has the ability to decrypt the password, which means that the decryption key is also accessible. Meaning that for users who have shell level access to the DSS node, they can get to the decrypted password

View solution in original post

2 Replies
Clรฉment_Stenac

Hi,

Password encryption is not supported on the API node.

It's important to understand that password encryption is mostly here to prevent casual mistakes, and exporting passwords through API.

Fundamentally, DSS needs to be able to actually send the raw password, so DSS has the ability to decrypt the password, which means that the decryption key is also accessible. Meaning that for users who have shell level access to the DSS node, they can get to the decrypted password

Ankit96140
Level 2

How frequently the encryption/decryption keys are rotated in Dataiku ?

0 Kudos