Managing Credentials

The data sources used in this tutorial have been publicly accessible. However, RAW can access secure servers. This requires registering credentials in RAW's Credentials Service.

Generally, then registering a credential, a name is then given to the credential; this name is then used in the query to refer to the set of credentials to use.

Credentials can be managed in the Web Admin UI, command-line client, or even using Jupyter magics. However, we recommend to register credentials in the Web Admin UI, so that secrets are never stored in a notebook.

For instance, for relational databases, the Jupyter magic %%rdbms_register can be used. It requires the following parameters:

%%rdbms_register <credentials name>
type: <database vendor: e.g. postgresql, mysql, sqlserver, oracle, teradata....>
host: <host>
[database: <database>]
[port: <port>]
[username: <username>]
[password: <password>]
[parameters: <parameters>] -- only for teradata databases

Suppose we registered a PostgreSQL credential with:

%%rdbms_register psql01
type: postgresql
host: postgres-demo.server.host
database: demo_db
username: raw
password: 12345

Then the PostgreSQL service can be queried with:

%%rql

SELECT * FROM READ_PGSQL("psql01", "schema", "table")

Note that psql01 refers to the credential name used in the rdbms_register command.

To list existing credentials:

Or in the case of access keys/secrets for S3 buckets on AWS:

Next: Querying Relational Database Systems