Appendix. Encrypt DB user password
This document describes how to encrypt DB user passwords. s
caution
- The
user.passwordfield must contain an encrypted value for successful creation.
Prerequisites
Encrypt DB user password using Python example
The following is a Python example for encrypting required DB user password.
Run the example code using the public key provided below, enter the desired password, and receive the encrypted result.
Use the resulting value as the user.password field when creating instance group or cluster.
Code example: encrypt DB user password
memstore_pub_key.pem file
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAr4mgZ4SFzTEtgdh3WZSWgMF/l6PhR9gdeq8jwP2BlyWW06UgZPhL
jKi+o3rbCWtpARtpn9ik1DKfG2ZQOempPlBv70JZMqzuvZcDueQdihRS2isCq5rS
6V40S8eq3UIi80UVS6U3hIFA0y3uNMREW1ny5H4nw2IQUIXm7W2KSIc57JE4uIu9
cmNvG1uwbBuj49JUUmHIgxd9FYURxeVyuwc5CO9uA5tXTYPePtOSXQs4SnoEJK+o
t+EQMBpokaUe/UYHjr4z68Lz8V+3r62bkfFr5dN5MsVpAeOMHp0az3H2uIfU8JQa
6FNZ7BJcuEP8ezEL6GQUkLJ8P0tQQ/5spQIDAQAB
-----END RSA PUBLIC KEY-----
Encrypt DB user password example
#!/usr/bin/env python3
import sys
from Cryptodome.Cipher import PKCS1_v1_5
from Cryptodome.PublicKey import RSA
import base64
# Get public key from a file
pubkey_file = open("memstore_pub_key.pem", 'r')
pubkey = pubkey_file.read()
pubkey_file.close()
# Input DBUser_Password
msg = input("Enter KC memstore DBUser Password: ")
# Create key using public key
key = RSA.importKey(pubkey)
cipher = PKCS1_v1_5.new(key)
cipher_msg = cipher.encrypt(msg.encode())
encode_msg = base64.b64encode(cipher_msg)
encryptedMsg = encode_msg.decode('utf-8')
# Encrypted Text
print("Encrypted text : ", encryptedMsg )
Result example
Example result of running the code
test@test-macbook ~ % ./memstore_dbuser_password_encrypt.py
Enter KC memstore DBUser Password: kcmemstore123$
Encrypted text : QEmUQjAZqAHEBpdiVlok/9l6fDKM6f0Q60S35pQmB/KILKf5c3SrcbWv55H1fu+EevKVeA1cCNzgJxz0rMMdtgPE5zoBX2c6cQoUqsUZ0g9e3pAg3WEt70HxMfxyVy1WY2TNe2uic6l0+Nx+cIdIBJcBpJ+OQQTrSdCDDLUQRnrnhuPqnyXvdgP0tXjgpKzmfLsjebJS9Wa+8TY9ee6oBLx5F2+XMjDFapw4hXfbSwKUWDFK+czTa11zwYDpMdwmISVWwX9e77rfZg7f9sfsd2+lzbFj52LORf1CF2DGzgqP3I3xSf+0KiekwwAy3Kca5EHkyqK7mWeXMeKk7qnWjQ==