Databricks Community

Abel_Martinez · ‎11-23-2022

When I use dbutils.secrets.get in my code, spaces in the log are replaced by "[REDACTED]" literal. This is very annoying and makes the log reading difficult. Any idea how to avoid this?

See my screenshot...

Sivaprasad1 · ‎11-23-2022

Hi @Abel Martinez : That is by design. The secrets won't be visible in the notebook which will be hidden.

https://docs.databricks.com/security/secrets/redaction.html

UmaMahesh1 · ‎11-23-2022

The reason why we store credentials as databricks secrets is to protect credentials when you run your jobs / notebooks. However to avoid accidental display of these secrets, databricks redacts these secrets.

The same can be found in the below documentation.

https://docs.databricks.com/security/secrets/redaction.html

Uma Mahesh D

UmaMahesh1 · ‎11-23-2022

As for the second part, if you want to get those secrets, there is a workaround.

secrets = dbutils.secrets.get(scope="scopeName", key="KeyName")

for value in secrets :

print(value , end=" ")

Hope this helps..

Uma Mahesh D

Abel_Martinez · ‎11-23-2022

Hi all, thanks for your feedback. I don't want to show the secrets, what I want is that Python output doesn't show spaces as [REDACTED]. I'm not printing the secrets, the text with [REDACTED] instead of spaces is the normal output for the Python notebook and exceptions.

UmaMahesh1 · ‎11-23-2022

REDACTED is a placeholder defined.

If you want to replace that in the output, for visual purposes you can do a bit of playing with the code to get there.

In the notebook cell where you are getting that output/error use the below assigning the output or error to a variable.

import sys

from IPython.utils.capture import CapturedIO

capture = CapturedIO(sys.stdout, sys.stderr)

..... <your code>

var1 = capture.stdout #use stdout or stderr as fit

When you print this var1, ideally the placeholder should be displaying as blank, but if it still displays, you can always use a .replace python function for that.

Please do let me know if this works...Cheers.

Uma Mahesh D

Abel_Martinez · ‎11-23-2022

Not the solution that I was finding but it works as a workaround.

Thanks!

SS2 · ‎11-29-2022

You can not see the secret in Databricks notebook. It will always show REDACTED. Even if in data you are getting same value that are same as secret then in that case you will always get REDACTED for that data.

Ajay-Pandey · ‎11-30-2022

Databricks redacts secret values that are read using

dbutils.secrets.get(). When displayed in notebook cell output, the secret values are replaced with

[REDACTED]

Although it is not recommended, there is a workaround to see actual value with a simple

for loop trick. So, you will get the value separated by spaces.

value = dbutils.secrets.get(scope="myScope", key="myKey")
 
for char in value:
    print(char, end=" ")
 
Out:
y o u r _ v a l u e

Ajay Kumar Pandey

labtech · ‎12-16-2022

Yes, obviously that you can not see the value in secret scope. That is important behavior of secret scope.

jlb0001 · ‎04-25-2023

I ran into the same issue and found that the reason was that the notebook included some test keys with values of "A" and "B" for simple testing. I noticed that any string with a substring of "A" or "B" was "[REDACTED]".

So, in my case, it was an easy fix ... just use less-common values for my test secrets, which meant that the silly and annoying redaction went away. Thanks to this thread for helping me realize this was the issue!

Databricks Community

Why Python logs shows [REDACTED] literal in spaces when I use dbutils.secrets.get in my code?

Connect with Databricks Users in Your Area

Insights from a global survey of 1,100 technologists and interviews with 28 CIOs

Data + AI Summit: Call for Presentations

Season's Speedings: Databricks SQL Delivers 4x Performance Boost Over Two Years

Now Hiring: Databricks Community Technical Moderator

Become Our Next Monthly Community Champion!