Closed mycaule closed 3 months ago
Hey @mycaule -- you should use config
instead of meta
for secrets there-- they won't be included in the docs and things work the same way. Sorry about the confusion there, will update the docs to make "config" the default for stuff.
Re: managed storage options for Azure, is that similar to the AWS credentials chain? (Apologies I am not that familiar with Azure)
Thank you, yes there is a concept of DefaultAzureCredential()
just like in AWS, and you can allow managed identities to access the Blob storage to avoid using any passwords.
Yes that sounds superior, looking into it (read: "Asking GPT4 to write the code for me")
It worked this way
storage_options
in header and use only azure_use_azure_cli
(less repetitive than @milicevica23 code comments)az login
before dbt run
and dbt docs generate
, and there is no password leak in the HTML (with the azure_storage_account_key
either if you prefer the former technique)Maybe I can help update the README or developer documentation website if there is any ?
sources.yml
version: 2
sources:
- name: my_delta_source
config:
plugin: delta
storage_options:
azure_use_azure_cli: "True"
tables:
- name: table1
config:
delta_table_path: abfss://container@account_name.dfs.core.windows.net/path/to/table1
- name: table2
config:
delta_table_path: abfss://container@account_name.dfs.core.windows.net/path/to/table2
See https://docs.rs/object_store/latest/object_store/azure/enum.AzureConfigKey.html#variant.UseAzureCli
Hi @mycaule, thank you for pointing that out. As you pointed out above https://docs.rs/object_store/latest/object_store/azure/enum.AzureConfigKey.html#variants should be all possible configurations that can be used to access the Azure object storage. The only thing is if you use it as env variables it should be written with the upper case
Currently, I am on a trip so I will update my repo next week with more examples
azure_storage_account_key
gets leaked on generating documentation withdbt docs generate
Value is shown in the details of tables when viewing the HTML documentation.
Here is my configuration following @milicevica23 's repo which is also mentionned in the README of this repo.
Just wondering if there is also a way to use managed identity in
storage_options
to connect just with my Active Directory identity?profiles.yml
sources.yml
~/.zshrc