Storing Secrets for Scripts: Difference between revisions
No edit summary |
|||
| Line 25: | Line 25: | ||
Secure strings can be used in the following locations: | Secure strings can be used in the following locations: | ||
* [[QPR ProcessAnalyzer Scripting Commands|SQL scripting commands]]: ImportOdbcQuery, ImportOleDbQuery, ImportSalesforceQuery, ImportSapQuery and ImportSqlQuery. | * [[QPR ProcessAnalyzer Scripting Commands|SQL scripting commands]]: ImportOdbcQuery, ImportOleDbQuery, ImportSalesforceQuery, ImportSapQuery and ImportSqlQuery. | ||
* In the [[QPR_ProcessAnalyzer_Model_Datasources#Loading_Data_from_ODBC_Datasource| | * In the [[QPR_ProcessAnalyzer_Model_Datasources#Loading_Data_from_ODBC_Datasource|ODBC datasources of model]]. | ||
* In the [[DataFrame_in_Expression_Language#ImportOdbcSecure|ImportODBCSecure]] function | * In the [[DataFrame_in_Expression_Language#ImportOdbcSecure|ImportODBCSecure]] function (expression language) | ||
[[Category: QPR ProcessAnalyzer]] | [[Category: QPR ProcessAnalyzer]] | ||
Revision as of 07:27, 16 April 2020
Secure strings provide a way to store passwords and other confidential information in QPR ProcessAnalyzer in a way that the information can be used without users seeing the original plaintext. For example, in ETL scripts, SAP, Salesforce and ODBC passwords can be stored as secure strings, which can then be referred by their names in the ETL script commands.
When the secure strings are stored, the purpose (called type of the secure string) of the secure string is also defined. Following types are available: Odbc connection strings, SAP passwords, Salesforce passwords, ADO.Net Sql connection strings and OleDb connection strings. For example, if a secure string type is SAP password, it cannot be used as an ODBC connection string.
Secure strings are project specific, so theie permissions come from the project. To use a secure string, the user needs to have at least GenericRead permission to the project.
Storing Secure Strings
Secure strings are stored in the QPR ProcessAnalyzer database in the PA_KEY_VALUE_STORE table. The database administrator can store new secure strings by following the instructions below.
The PA_KEY_VALUE_STORE table has the following columns:
- KVS_ID: Row id. Leave empty as its filled automatically.
- KVS_TYPE: Type of the secure string to determine its purpose. Available values are:
- 1: ODBC connection string. Can be used in the ImportODBCSecure function and ImportOdbcQuery command.
- 2: SAP password. Can be used in the ImportSapQuery command.
- 3: Salesforce password. Can be used in the ImportSalesforceQuery command.
- 4: Sql connection string. Can be used in the ImportSqlQuery command.
- 5: OleDb connection string. Can be used in the ImportOleDbQuery command.
- KVS_PROJECT_ID: If of the project, to which the secure string is stored.
- KVS_KEY: Key (name) of the secure string. Use a descriptive key name. Note that there cannot be any duplicates within the same project id.
- KVS_VALUE: The actual secured data, which is typically a password or a connection string.
Using Secure Strings
Secure strings can be used in the following locations:
- SQL scripting commands: ImportOdbcQuery, ImportOleDbQuery, ImportSalesforceQuery, ImportSapQuery and ImportSqlQuery.
- In the ODBC datasources of model.
- In the ImportODBCSecure function (expression language)