Storing Secrets for Scripts: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
Secrets provide | Secrets provide method to store passwords and other confidential data in QPR ProcessAnalyzer, so that they can be used without users being able to see the original plaintext. For example in ETL scripts, SAP, Salesforce and ODBC passwords can be stored as secrets, which can be referred by their names in the ETL script commands. | ||
When the secure strings are stored, the purpose (called type of the secure string) of the secure string is also defined. Following types are available: ''Odbc connection strings'', ''SAP passwords'' and ''Salesforce passwords''. For example, if a secure string type is ''SAP password'', it cannot be used as an ODBC connection string. | When the secure strings are stored, the purpose (called type of the secure string) of the secure string is also defined. Following types are available: ''Odbc connection strings'', ''SAP passwords'' and ''Salesforce passwords''. For example, if a secure string type is ''SAP password'', it cannot be used as an ODBC connection string. | ||
Secrets are project specific, so their permissions come from the project. To use a secret, the user needs to have ''GenericRead'' permission to the project. To define a secret, the ''ManageProject'' permission to the project is needed. | |||
== Setting secrets == | == Setting secrets == | ||
Line 15: | Line 13: | ||
* [[QPR_ProcessAnalyzer_Model_Datasources#Loading_Data_from_ODBC_Datasource|ODBC datasources of model]]. | * [[QPR_ProcessAnalyzer_Model_Datasources#Loading_Data_from_ODBC_Datasource|ODBC datasources of model]]. | ||
* [[DataFrame_in_Expression_Language#ImportOdbcSecure|ImportODBCSecure]] function (expression language) | * [[DataFrame_in_Expression_Language#ImportOdbcSecure|ImportODBCSecure]] function (expression language) | ||
Note: Currently [[SQL Scripting Commands#--.23ImportSqlQuery|ImportSqlQuery]] and [[SQL Scripting Commands#--.23ImportOleDbQuery|ImportOleDbQuery]] don't yet support the secrets. |
Revision as of 11:59, 18 January 2024
Secrets provide method to store passwords and other confidential data in QPR ProcessAnalyzer, so that they can be used without users being able to see the original plaintext. For example in ETL scripts, SAP, Salesforce and ODBC passwords can be stored as secrets, which can be referred by their names in the ETL script commands.
When the secure strings are stored, the purpose (called type of the secure string) of the secure string is also defined. Following types are available: Odbc connection strings, SAP passwords and Salesforce passwords. For example, if a secure string type is SAP password, it cannot be used as an ODBC connection string.
Secrets are project specific, so their permissions come from the project. To use a secret, the user needs to have GenericRead permission to the project. To define a secret, the ManageProject permission to the project is needed.
Setting secrets
Secrets can be set using SetSecret function for Project entities. There is also Secrets property for project entities to list all secrets in the project.
Using secrets
Secrets can be used in the following commands:
- SQL scripting commands: ImportOdbcQuery, ImportSalesforceQuery and ImportSapQuery.
- ODBC datasources of model.
- ImportODBCSecure function (expression language)
Note: Currently ImportSqlQuery and ImportOleDbQuery don't yet support the secrets.