Sensitive Environment Variables contained in logs and CLI #7654
Replies: 1 comment
-
|
I figured it out. For whatever reason, I missed it in the documentation but you must prefix sensitive variables with the prefix DBT_ENV_SECRET and they will be scrubbed from any logs. Would be cool if it could be expanded potentially to something like PASSWORD or API_KEY or some of the most common sensitive environment variables. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
When trying to access private dbt packages through the packages.yml file, I realize that if you use something like a personal access token as an environment variable, it is logged to both the CLI and the logs. Is there a specific naming convention that must be used to scrub environment variables from the logs or is this a potential security issue that has been overlooked?
Beta Was this translation helpful? Give feedback.
All reactions