Credential management
Proper credential management is essential for authentication and interaction with 3rd-party services. Integrating with services like OpenAI, HuggingFace, or Snowflake requires users to enter secret keys associated with their accounts. Storing these keys in plain text, however, poses a security risk.
In Snorkel Flow, superadmin users can leverage the SDK to encrypt and store sensitive credentials/keys in the secret store. These tools enable superadmin users to register credentials to a specific reference key and allow all users to reference that key throughout the platform. Each key is scoped to a workspace.
Set secrets
Superadmins can use sf.set_secret to add secrets to the secret store:
sf.set_secret(key, value, secret_store='local_store', workspace_uid=1)
Where:
- key: The key to reference the secret in the store.
- value: The secret that is being added.
- secret_store: The secret store that you can register secrets to. Currently, only the 'local_store' option is supported.
- workspace_uid: The workspace that the secret is registered to. The default value is 1.
Delete secrets
Superadmins can use sf.delete_secret to delete the secret that is associated with the key from the secret store:
sf.delete_secret(key, secret_store='local_store', workspace_uid=1)
List secrets
Superadmins can use sf.list_secrets to list all the keys (i.e., references) for a workspace. This does NOT list the secrets:
sf.list_secrets(secret_store='local_store', workspace_uid=1)