About MongoDB Source Connector and encrypting password fields in config files
109 views
Skip to first unread message
mustafa kaman
Jul 22, 2020, 12:29:51 PM7/22/20
to debezium
Hi there,
I have two points that need to be clarified and that I couldn't find any solution on the docs.
1- Is MongoDB (source) connector supporting SSL security options to connect Kafka brokers, like MySQL connector? MySQL connector seems to have pass-through SSL configuration parameters (database.history.producer.ssl*), on the contrary MongoDB connector doesn't.
2- Is there any option to encrypt database password fields (e.g. mongodb.password) in Debezium connector configuration files? Or In general, is there a generic workaround to encrypt credentials in config files?
Thanks in advance.
Gunnar Morling
Jul 23, 2020, 6:00:25 AM7/23/20
to debezium
Hi Mustafa,
mustafa kaman schrieb am Mittwoch, 22. Juli 2020 um 18:29:51 UTC+2:
Hi there,I have two points that need to be clarified and that I couldn't find any solution on the docs.1- Is MongoDB (source) connector supporting SSL security options to connect Kafka brokers, like MySQL connector? MySQL connector seems to have pass-through SSL configuration parameters (database.history.producer.ssl*), on the contrary MongoDB connector doesn't.
Are you asking about SSL between the database and the Debezium connector, or between Kafka Connect (Debezium's runtime) and the Kafka broker? Both is supported; for the former see the mongodb.ssl.enabled property (https://debezium.io/documentation/reference/connectors/mongodb.html#mongodb-property-mongodb-ssl-enabled), the latter is standard Kafka Connect (producer) config, which is the same no matter which specific Debezium connector you're using. Please see the upstream Connect docs for details.
2- Is there any option to encrypt database password fields (e.g. mongodb.password) in Debezium connector configuration files? Or In general, is there a generic workaround to encrypt credentials in config files?
Yes, you can externalize secrets like DB credentials. Please see Jiri's post for a conclusive example:
Hth,
--Gunnar
Thanks in advance.
Reply all
Reply to author
Forward
0 new messages