Use case: With authentication on cassandra and creating users for applications with relevant access on their keyspace. The CQL files may contains sensitive information such as the password for the user e.g.
// Change default user password
ALTER ROLE cassandra WITH PASSWORD='somePassDev'
CREATE ROLE someApp WITH PASSWORD = 'somePasswordForDev' AND LOGIN = true;
GRANT ALL ON KEYSPACE someAppKeyspace TO someApp;
Possible approach, allow for the password to be some cipher text and cqlmigrate is able to decrypt the cipher text given the key to the actual password at runtime and apply the CQL. It would be great useful feature for teams who also manage their own infra. Possible encryption library: Jasypt
Use case: With authentication on cassandra and creating users for applications with relevant access on their keyspace. The CQL files may contains sensitive information such as the password for the user e.g.
// Change default user password ALTER ROLE cassandra WITH PASSWORD='somePassDev'
CREATE ROLE someApp WITH PASSWORD = 'somePasswordForDev' AND LOGIN = true; GRANT ALL ON KEYSPACE someAppKeyspace TO someApp;
Possible approach, allow for the password to be some cipher text and cqlmigrate is able to decrypt the cipher text given the key to the actual password at runtime and apply the CQL. It would be great useful feature for teams who also manage their own infra. Possible encryption library: Jasypt