Private data storage
To safely store keys, passwords, and other private information, DataSphere provides a special type of resource called secrets.
A secret is a key-value pair with the value stored in an encrypted format. After you create the secret, you will see
*** instead of the value.
Secrets are created in a project and associated with it. You can use created secrets in a cell code as environment variables to securely connect to data sources and version control systems, and store keys there, which are needed to create other resources , such as S3 connectors.
You can't modify a secret created in a different project, but you can modify its copy.
A copied secret is separate from the original: you can edit and delete the copy without affecting the original.
The advantage of secrets is that their values are stored and transferred in encrypted form only and can't be used when publishing the code and in project logs. Do not output the value of a secret to the screen or assign it to a regular variable.
Information about secrets as a resource
The following information is stored about each secret:
- Unique resource ID.
- Resource creator.
- Date when the resource was created and last modified, in UTC format, such as
July 18, 2022, 14:23.
The secret page also contains sample bash and Python code for running the resource in a project cell.
Scope of secrets
Once created, a secret is available for a project. A community admin can share the secret with other community projects by granting access to it in the Access tab on the secret viewing page. Secrets available to the community appear on the community page under Resources.