I'm using Microsoft SQL Server, but I don't have access to a DBMS (Database Management System). I'm concerned about how to run my SQL Insert script securely without exposing my credentials in plain text. Any suggestions on how to do this?
3 Answers
Another method is to wrap your SQL commands in a PowerShell script that pulls credentials from an encrypted file. It can add a layer of security to your process. Check out this detailed guide on how to do it: [PDQ Blog on Secure Password Handling](https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials/). You can extract the credentials, assign them to variables, and then use those in your SQL script.
One option is to store your credentials in a separate file as environment variables. This way, you wouldn't need to include them directly in your script, which keeps them out of plain sight.
I'm still not clear on how environment variables can be secure. Aren't they just stored in plain text somewhere?
Are you working with Azure? If so, you might want to look into using a managed identity or Azure Key Vault for a more secure credential management solution.
But be cautious with environment variables! They can end up in logs and other outputs. A more secure approach would be to use a secret management service, such as AWS Secrets Manager or a vault. If you're using cloud services, consider using roles instead of hardcoded credentials.