Whenever a new secret is created or updated, the secret is encrypted with the configuration encryption key. The master key is used to encrypt a configuration encryption key that is used across the system. Understanding how secrets storage worksĭuring installation Tableau Server generates and stores a master key in a Java keystore. This topic describes how secrets storage works and what you need to do to properly manage storage of secrets on Tableau Server. When a secret is needed, it is decrypted at run time. Most secrets are encrypted while at rest. And a number of different passwords are required for each service and programmatic user that communicates with Postgres. For example, a secret is required to protect communication between the Cluster Controller and ZooKeeper processes.
Secrets that are automatically generated by various processes in the system.These include credentials and associated secrets for the Run As User account and the SMTP credentials used by Tableau Server. Secrets that are generated by administrators.
They differ according to how the secrets are generated: There are two categories of secrets that are required to run Tableau Server. In this context, the term secret may refer to a password, a token, or other string that is used to authenticate one entity to another. Tableau Server needs to store a number of secrets it uses to perform various functions, typically securing internal communication, communicating with other applications or the operating system, or providing secure communication with clients.
0 kommentar(er)
