Secret Store

Zepl's Secret Store allows users to securely access any sensitive string without exposing the text in a notebook. Many libraries require sensitive data for authentication, which forces users into dangerous security practices by exposing their passwords, secrets, and API keys, in clear text. Use Zepl's Secret Store to keep your sensitive information safe while sharing your notebooks across your team.

Create a Secret

  1. 1.
    Navigate to: Resources > Data Sources
  2. 2.
    Select the Secret Store Icon:

Secret Store Inputs

  • Name (required)
  • Description (optional)
  • Credential Type: See Data Source Security
  • Key Values:
    • Key: This is the string used to return the secret Value. This string is viewable to other users.
    • Value: This is your sensitive string and is hidden from all users. While secrets are not visible to other users, it can be printed and viewed with commands in the notebook.

Use Secret Store

Reference your attached Secret Store data source in any supported language:
value = z.getDatasource("<Name>")["<Key>"]
val value = z.getDatasource("<Name>").asInstanceOf[Map[String, String]]("<Key>")
value = z.getDatasource("<Name>")["<Key>"]
value = z.getDatasource("Name")[["Key"]]

Applied Examples

Connecting to Azure File Storage API

This example walks through how to securely access the Azure File Storage system. This is a data source that Zepl has not yet created an an example that can be applied to any API that requires authentication. The secure text that we do NOT want to expose in our code is the Azure file storage signature. A signature is a unique key created by the Azure file storage owner and often expires after a given period of time.
To securely connect using Zepl and our Secret Store, follow these steps:
Create and attach a Secret with three Key-Value pairs. The Keys in our example are:client_secret, api_token , and signature . For this example we will ONLY be referencing the signature Key-Value pair, but know that if there are additional tokens for your Azure account, you can store them in one Secret for easy management.
In Azure, each client requires a Connection String and in this connection string there is a signature. This signature can be found in your Azure file storage console. At the very end of the code snippet below there is a place holder for <YOUR SIGNATURE> , which is where you will find the connection string signature. Copy that value and add it to your Secret above.
"BlobEndpoint=https://zeplstorage.blob.core.windows.net/;QueueEndpoint=https://zeplstorage.queue.core.windows.net/;FileEndpoint=https://zeplstorage.file.core.windows.net/;TableEndpoint=https://zeplstorage.table.core.windows.net/;SharedAccessSignature=<YOUR SIGNATURE>"
After you have set the signature value in your Secret, we will replace the signature placeholder,<YOUR SIGNATURE>,with the Zepl Secret reference code,z.getDatasource("Azure_Storage_Account")["signature"]:
connection_string = """BlobEndpoint=https://zeplstorage.blob.core.windows.net/;
Lastly, put it all together following the Azure documentation:
# Documentation: https://docs.microsoft.com/en-us/python/api/overview/azure/storage-file-share-readme?view=azure-python#creating-the-client-from-a-connection-string
# Install required libraries in the notebook container - Alternatively do this using Custom Images
!pip install azure-storage-file-share
# Connection information to my personal Azure file storage
storage_account_name = "zepltest"
share_name = "zepl_share"
parent_dir = "."
file_name = "diabetes.csv"
# Generate SAS and Connection String - # Valid until - 2020-10-26 07:30:01Z
# Using Zepl's Secret Store
connection_string = "BlobEndpoint=https://zeplstorage.blob.core.windows.net/;QueueEndpoint=https://zeplstorage.queue.core.windows.net/;FileEndpoint=https://zeplstorage.file.core.windows.net/;TableEndpoint=https://zeplstorage.table.core.windows.net/;SharedAccessSignature={}".format(z.getDatasource("Azure_Storage_Account")["signature"])
# List files from Azure
from azure.storage.fileshare import ShareDirectoryClient
# Connect to Azure File Directory service
parent_dir = ShareDirectoryClient.from_connection_string(conn_str=connection_string, share_name=share_name, directory_path=parent_dir)
# Get and Print folder structure
my_list = list(parent_dir.list_directories_and_files())