Skip to content

Provide Secure Credentials

Okera recommends that you use secure credentials. Sensitive credentials should not be provided in plaintext, and instead should be provided in a secrets file either from local Secret sources such as Kubernetes secrets, or from Cloud secrets managers services.

Okera recommends (for auditability) that you create a new system user for Okera in your underlying database, and use those credentials in your Okera connection to that database.

Note: This system user must have read access to your data.

Secure credential stores that are supported by Okera include:

For information about using secrets in IAM policies, review the IAM policy examples for secrets in AWS secrets Manager.

Note: Make sure you provide the correct permissions for Okera to access your secrets file.