...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
{ "data_sinks": [ { "sink": "sftp_sink", "type": "sftp", "credentials": { "user_id": "eagle", "password": "eagle1" }, "cfg": { "host": "inno-mlperfapp01", "port": 22, "compression_codec": "gzip" } }, { "sink": "sftp_extracts", "type": "sftp", "credentials": { "user_id": "eagle", "password": "eagle1" }, "cfg": { "host": "inno-mlperfapp01", "port": 22, "compression_codec": "gzip", "location": "extracts" } } ] } |
...
The above RTR will create a credentials configuration which can be referred with the "credentials": "clientcredentials/sftpcrendentials" element in the distribution profile file.
Data Encryption
The data to be distributed can be encrypted. Currently only GPG is supported. The encryption is enabled using the encryption_policy element in the distribution profile as shown in the example below.
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
{
"data_sinks": [
{
"sink": "sftp_sink",
"type": "sftp",
"credentials": " "clientcredentials/sftpcrendentials",
"cfg": {
"host": "inno-mlperfapp01",
"port": 22,
"compression_codec": "gzip"
}
},
{
"sink": "sftp_extracts",
"type": "sftp",
"encryption_policy": {
"codec" : "gpg",
"credentials" : {
"client_id": "eaglekey"
}
},
"credentials": "clientcredentials/sftpcrendentials",
"cfg": {
"host": "inno-mlperfapp01",
"port": 22,
"compression_codec": "gzip",
"location": "extracts"
}
}
]
}
|
The encryption_policy has a codec element specifying the encryption type. Currently only gpg is supported.
The credentials/client_id specifies the GPG destination name.
The "credentials" element can be an embedded configuration as shown in the example or a string with a reference to the encrypted configuration as shown in Encrypted Credentials section.
The "encryption_policy" can be a string reference to an encryption policy configuration stored in eagle/estar/tpe/dynamic/metadata/encryptions/polycyname.json files.
For example if we have a file eagle/estar/tpe/dynamic/metadata/encryptions/gpgpolicy.json with the following content:
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
{
"encryption_policies" : {
"gpg_policy" : {
"codec" : "GPG",
"armor": "gpgarmor",
"credentials" : "eagle_certificates/gpgcert"
}
}
}
|
we can refer to it from the distribution profile as:
"encryption_policy": "gpgpolicy/gpg_policy"
The GPG encryption policy currently supports the following parameters:
"armor" - the armor for GPG - please refer to GPG documentation for description
"credentials"/"client_id" - the recipient, for which we should have a certificate imported in GPG