cancel
Showing results for 
Search instead for 
Did you mean: 
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Showing results for 
Search instead for 
Did you mean: 

Databricks cluster Encryption keystore_password

kjoth
Contributor II

How to set up this value? Is this any value we can provide or the default value we have to p

#!/bin/bash
 
keystore_file="/dbfs/<keystore_directory>/jetty_ssl_driver_keystore.jks"
keystore_password="gb1gQqZ9ZIHS"
sasl_secret=$(sha256sum $keystore_file | cut -d' ' -f1)

1 ACCEPTED SOLUTION

Accepted Solutions

Prabakar
Esteemed Contributor III
Esteemed Contributor III

Hi @karthick J​ do not change the password from the script. You need to just modify the <keystore_directory> and create the init script.

In the first step of the notebook, you will copy the Keystore file to a directory in DBFS.

As it is Databricks keystore file you cant change the password.

View solution in original post

7 REPLIES 7

-werners-
Esteemed Contributor III

I do not exactly understand the question.

Do you want to store secrets like this?

https://docs.databricks.com/security/secrets/index.html

Prabakar
Esteemed Contributor III
Esteemed Contributor III

This is not for secrets but for Encrypting Traffic Between Worker Nodes. 😉

Prabakar
Esteemed Contributor III
Esteemed Contributor III

Hi @karthick J​ do not change the password from the script. You need to just modify the <keystore_directory> and create the init script.

In the first step of the notebook, you will copy the Keystore file to a directory in DBFS.

As it is Databricks keystore file you cant change the password.

Hubert-Dudek
Esteemed Contributor III

I think as @Werner Stinckens​ said you need to provide more details what exactly you want to accomplish and where this script is put.

For all secrets the best way is to use databricks secret or Azure Key Valut (or AWS KMS) so you don't store your passwords in code. If you want to encrypt dbfs is better to make own mount and use ready Azure/S3 encryption options using own keys there.

Yes, I should have provided more detail, as the question is not clear. I will make sure to ask with clear details forward. Like @Prabakar Ammeappin​  said, the query was on databricks cluster encrypting Traffic bewteen workers nodes.

Prabakar
Esteemed Contributor III
Esteemed Contributor III

Thanks @Prabakar Ammeappin​