
Secret Management Best Practices


Go to solution Solved by Alberto Rivas,


These are two options I have used:

  • Use a .env file, don't give many people access to the datalab project (don't use the corporate folder)
    • Advantage is that you can use GitHub and share notebooks manually, no secrets stored in notebooks
    • Disadvantage is that nobody else can see or use the project unless you want them to have the secrets (and Seeq admins).
  • Misuse the Seeq "AccessKeys" API: create a new Seeq access key with the API secret in the name or description of the key (the Seeq access key isn't needed)
    • Advantage is that secrets would only be available and viewable to the individual user (and Seeq admins)
    • Disadvantage is that it is using something in a non-standard way, which means it might stop working after an upgrade.

I think the .env is really the only way to go for now?

 


  • Seeq Team
  • Solution

Hi Ivan,
What is the intent here? For example, do you want other users to only execute the code without making any changes to the notebook or potentially not even seeing the code (and the secrets)? Or are you expecting other users to take your notebook as a starting point and make their changes?

If it's the former, we are in the process of preparing documentation to provide some guidance. More to come on this in a few weeks.

If it's the latter, the typical approach is what you describe with a `.env` file. As you mentioned, you don't store any secrets in the notebook but expect other users to create their own `.env` file with their own credentials. Typically, you can also commit an example `env` file to the repo to show what is expected in the file. 
 

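The `.env` approach described in the answer above, as an added example that is not part of the original thread and is not Seeq's code: a notebook helper that reads secrets from `.env`, checks them against the committed example file, and refuses a `.env` that group or other users can access. The file name `.env.example`, the keys `API_URL` and `API_SECRET`, and the POSIX permission check are assumptions.

```python
import os
import stat
import tempfile
from pathlib import Path


def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks and # comments; strip optional quotes."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip().strip("'\"")
    return values


def load_secrets(env_path, example_path):
    """Return secrets from env_path, checked against the committed example file."""
    env_path, example_path = Path(env_path), Path(example_path)
    # POSIX only (assumption): refuse a .env that group or other users can access.
    if os.name == "posix" and env_path.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{env_path} is accessible to group/other; chmod 600 it")
    secrets = parse_env(env_path.read_text())
    required = parse_env(example_path.read_text())  # keys only, values left empty
    missing = sorted(k for k in required if not secrets.get(k))
    if missing:
        raise KeyError(f"missing or empty in {env_path.name}: {missing}")
    return secrets


def demo():
    """Constructed sample files; API_URL and API_SECRET are hypothetical names."""
    with tempfile.TemporaryDirectory() as d:
        example = Path(d, ".env.example")
        example.write_text("# copy to .env and fill in\nAPI_URL=\nAPI_SECRET=\n")
        env = Path(d, ".env")
        env.write_text("API_URL=https://api.example.invalid\nAPI_SECRET='constructed-value'\n")
        env.chmod(0o644)  # too permissive: should be rejected on POSIX
        try:
            load_secrets(env, example)
            loose_rejected = False
        except PermissionError:
            loose_rejected = True
        env.chmod(0o600)
        secrets = load_secrets(env, example)
        # Report key names only, never the values, so notebook output stays clean.
        return loose_rejected, sorted(secrets)
```

Only `.env.example` belongs in the repository; `.env` itself should be listed in `.gitignore`.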

I really like the idea of putting nearly everything on the corporate drive (in an organized fashion); it means that if I leave the company or move to a new responsibility, I'm not taking all the things I built with me in my personal drive. The intent would be that this can be done without sharing the secret with everyone that has access to the notebook.

I look forward to the documentation you are coming up with; it sounds close to what I am trying to do.

Thanks!


  • 1 month later...
  • Seeq Team

To clarify, if a Seeq user needs to be removed, Seeq will force you to enter a new user who will take over ownership of the items owned by the user you want to remove. 

On the topic of restricting access to secrets and other sensitive information, we recently put together this page with some guidance on that topic. It would be great to hear your comments about it.

