Vault

Vault is the place for you to store your secret (credential, database connection password, etc.)

Overview

Vault is encrypted storage for your sensitive information used in your data pipeline. When you build your pipeline, you may need to store secrets about your credential. The secret then will be encrypted with stored, only the spark cluster for your job decrypts the secret and use the sensitive information.

_images/datarow-vault.png

Create a new secret

You can create a new secret by click on the “New Secret” button. The secret is a key value pair, the key is the value name and the value is the secret itself.

Note

Once the secret is saved, the value is encrypted and only the spark cluster which runs your pipeline jobs can decrypt the value.

Use the secret

When you need to access your secret in your activity, you can click on the checkbox at the right side of the field to enable the templating feature. To access the vault value, you can enter the value like this in activity detail with templating feature enabled (checkbox right next to each input field inside activity detail).

${vault:demodatabasepassword}
_images/vault-2.png

Edit/delete a secret

You can edit or delete the secret by click on the edit or delete button. When edit, you can enter a new secret value for the existing secret name.

Note

Since the plain text secret value is never stored, you can only enter a new value for your existing secret name.