Datacoral Documentation

Datacoral Documentation

  • Release Notes
  • Back to datacoral.com

›Technical Documents

Getting Started

  • Home
  • Install CLI
  • Install Datacoral

CLI Reference

  • Collect Commands
  • Organize Commands
  • CLI Cheatsheet
  • Redshift Materialized Views Cheatsheet
  • Athena Materialized Views Cheatsheet
  • Troubleshooting Documentation

Collect Slices

  • Collect Overview
  • API Slices

    • Asana
    • Asana Premium
    • CloudWatch
    • Datadog
    • Delighted
    • Facebook
    • Fountain
    • FullStory
    • GitHub
    • Google Analytics
    • Google Adwords
    • Greenhouse
    • HubSpot
    • Intercom
    • JIRA
    • Launch Darkly
    • NetSuite
    • Non-Datacoral
    • Outreach
    • Phabricator
    • Pingdom
    • S3
    • Salesforce
    • Stripe
    • Zendesk
    • Zuora

    Database Slices

    • Database Collect Slices
    • Firebase
    • MongoDB
    • MySQL
    • MySQL CDC
    • PostgreSQL

    Events Slices

    • Events Overview
    • Android
    • Browser
    • Objective-C (iOS)
    • Pixel Tracking
    • nodeJS
    • Python
    • .Net
    • Ruby
    • Snowplow Events

Organize Slices

  • Data Organization
  • Managed Redshift
  • Managed Glue

Harness Slices

  • Harness Overview

Technical Documents

  • Timelabels
  • Definitions
  • Materialized Views
  • Security Architecture
  • Encrypt Password
  • Configuring Alerts
  • Existing Redshift

Encrypt Password

Password handling in Datacoral

All customer data is encrypted at rest as well as in motion using customer managed KMS keys. Datacoral’s cross-account role does not have decrypt permissions on the KMS keys. This means that Datacoral cannot read any customer data. The credentials needed by the collect slices to connect to SaaS products and databases are also stored encrypted using customer managed KMS keys within your AWS account in Amazon DynamoDB.

Credentials

  • Data Source Credentials like database connection strings and API keys for SaaS products are stored in DynamoDB encrypted using your KMS keys.
  • Credentials for analytics databases like hive and redshift are also stored encrypted in DynamoDB

When adding slices, credentials can be provided in clear text and Datacoral would encrypt it for you before storing the entry into DynamoDB and decrypt when describing the slice.

However, we do recommend using pre-encrypted credentials, as it allows for you to source control configuration files to automate installations for Data Ops and share configurations without compromising security.

Encode password

Steps to encrypt your password are:

  1. Set your installation name and password in the following variables
export installation=YOUR_INSTALLATION_NAME key=YOUR_PASSWORD;
  1. Encrypt and encode your password
aws kms encrypt --key-id alias/datacoral-${installation} --plaintext ${key}  --output text | awk '{print $1;}'  | node -e "console.log(JSON.stringify(JSON.parse(JSON.stringify(new Buffer(fs.readFileSync(0).toString(), 'base64'))).data));"
  1. Use the integer array to add slices
← Security ArchitectureConfiguring Alerts →
  • Password handling in Datacoral
  • Credentials
  • Encode password
datacoral

Product

OverviewWhy Datacoral ?Slice Catalog

Customers

CustomersGreenhouse Case StudyFront Case Study

Company

AboutTeamCareersBlog

Legal

Privacy Policy
Copyright © 2019 Datacoral