PREMIUM EDITION FEATURESecret management is a Premium Edition feature. All Premium Edition features are available out of the box without additional cost on RisingWave Cloud. For self-hosted deployments, users need to purchase a license key to access this feature. To purchase a license key, please contact sales team at sales@risingwave-labs.com.For a full list of Premium Edition features, see RisingWave Premium Edition.

Syntax

CREATE SECRET secret_name WITH ( backend = 'meta') AS 'your_secret';

Parameters

Parameter or ClauseDescription
secret_nameThe name of the secret to be created. This should be a unique identifier within the system.
backendSpecifies the backend where the secret will be stored. Currently, only the meta backend is supported.
your_secretThe secret value that you wish to store securely.

Examples

Here is an example. We create a secret named mysql_pwd, and then use it in the WITH clause. After that, we use the SHOW CREATE SOURCE command to view the password. As shown in the result, the MySQL password is hidden, ensuring no secret leaks. 
CREATE SECRET mysql_pwd WITH ( backend = 'meta' ) AS '123';

CREATE SOURCE mysql_source WITH (
 connector = 'mysql-cdc',
 hostname = 'localhost',
 port = '8306',
 username = 'rwcdc',
 password = secret mysql_pwd,
 database.name = 'test',
 server.id = '5601'
);

SHOW CREATE SOURCE mysql_source;

---RESULT
--- public.mysql_mydb | CREATE SOURCE mysql_mydb WITH (connector = 'mysql-cdc', hostname = 'mysql', port = '3306', username = 'root', password = secret mysql_pwd, database.name = 'mydb', server.id = '2') FORMAT PLAIN ENCODE JSON

See also

Manage secrets

A comprehensive guide for secret management operations

DROP SECRET

Dropping a secret