Hey @Kevin Vasko, which access key and secret key are you referring to?
k
Kevin Vasko
10/05/2022, 2:09 PM
to access lakeFS. So for example, if i create a user or they use their LDAP credentials and use python to access lakeFS instead of hard coding credentials in the code in clear text, what are the options?
y
Yoni Augarten
10/05/2022, 2:13 PM
Thanks for the details, @Kevin Vasko. It is a question of how your application is deployed and how you manage secrets in it. For example, if you're running on AWS, they can come from AWS Secrets Manager. If you're running in Kubernetes, they can come from Kubernetes secrets.
k
Kevin Vasko
10/05/2022, 2:14 PM
Can you point me to how that’s done with say the python lakefs_client package? Is there a way of pulling it from credentials file maybe?
y
Yoni Augarten
10/05/2022, 2:15 PM
You should handle lakeFS credentials as you would any other set of credentials in your app (e.g. database password, API keys of third party services, access tokens, etc.)
There is currently no built in way to pull them from a file. Most users choose to pass the credentials to the code using environment variables.
k
Kevin Vasko
10/05/2022, 2:17 PM
Got it.
Yeah, that’s i’ve never found the perfect solution for this either haha. It always seem like an “after thought”.
y
Yoni Augarten
10/05/2022, 2:20 PM
I agree, handling sensitive information is always scary😛