Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In CDAP, open the HTTP interface. Click System Admin > Configuration > Make HTTP Calls.

  2. Issue the following PUT command:
    namespaces/<namespace-id>/securekeys/<secure-key-name>
    with a JSON-formatted body that contains the description of the key, the data (password) to be stored under the key, and a map of descriptive properties associated with the key (these can help you identify the key in the future):

    Code Block
    {
      "description": "Example Secure Key",
      "data": "<secure-contents>",
      "properties": {
        "<property-key>": "<property-value>"
      }
    }

    For example, the following PUT command creates a secure key called mykey with a password of test123.
    PUT namespaces/default/securekeys/mykey

    JSON body:
    {
    "description": "Example Secure Key",
    "data": "test123",
    "properties": {
    "<property-key>": "<property-value>"
    }
    }

    The Status Code: 200 means you successfully created the secure key to store the encrypted password for the database. CDAP saves the secure key in the secure store located in the store folder under your CDAP Sandbox installation directory.
    Now that you’ve created a secure key, you can add it as a macro in the Password field of a Database plugin.

  3. In the Pipeline Studio, create a pipeline with a Database Batch Source plugin.

  4. Click the Database plugin Properties button.

  5. In the Password field, click the macro button and add a secure macro: The secure macro has the format ${secure(<secure-key-name>)}. In this example, add ${secure(mykey)}

  6. Build the rest of the pipeline and run it.

Example:

...

Using a Secure Key to a Compute Profile for a Dataproc Cluster

You’re using CDAP and want to use Dataproc as your provisioner. You also want to create a secure key for your Service Account in your compute profile for the Dataproc cluster.

...