Documentation

Store and use secrets

Secrets are key-value pairs that contain sensitive information you want to control access to, such as API keys, passwords, or certificates. There are two options for storing secrets with InfluxDB:

  • By default, secrets are Base64-encoded and stored in the InfluxDB embedded key value store, BoltDB.
  • You can also set up Vault to store secrets. For details, see Store secrets in Vault.

By default, all secrets added to InfluxDB Cloud are stored in the InfluxDB Cloud Vault cluster.

Use secrets in a query

Import the influxdata/influxd/secrets package and use the secrets.get() function to populate sensitive data in queries with secrets from your secret store.

import "influxdata/influxdb/secrets"
import "sql"

username = secrets.get(key: "POSTGRES_USERNAME")
password = secrets.get(key: "POSTGRES_PASSWORD")

sql.from(
  driverName: "postgres",
  dataSourceName: "postgresql://${username}:${password}@localhost",
  query:"SELECT * FROM example-table"
)

Add, list, and delete secrets

See Manage secrets.


Set your InfluxDB URL

Upgrade to InfluxDB Cloud or InfluxDB 2.0!

InfluxDB Cloud and InfluxDB OSS 2.0 ready for production.