Secure Configs

BI xPress ›› Features ›› Config Manager ››
Parent Previous Next

Secure Configs


It is very common to store passwords or sensitive information within configurations. Currently, SSIS does not perform encryption on any values that are stored in configurations. BI xPress' Configuration Manager allows users to effortlessly securely encrypt any SSIS package properties.


1.   Within BIDS, VS, or SSDT, open the desired SSIS package you wish to add secure configurations too


2.   Launch BI xPress Configuration Manager using one of the three methods below:

1.   Within the BIDS, VS, or SSDT Toolbar, select BI xPress and then "Package Configurations (BI xPress)"

2.   Right-click on the package within the Solution Explorer and select "Package Configurations (BI xPress)"

3.   Within the SSIS Package Control Flow, right-click and select "Package Configurations (BI xPress")


3.   If package configurations have not yet been enabled, check the "Enable Package Configurations" box and then click the "Add" button



4.   Select configuration type, path, and hit "Next"


Important Note

Configuration placeholders can be used within the configuration name and path to create unique configuration files when applying configurations to multiple SSIS Packages at the same time.





5.   On property selection screen select an encryption mode. Depending on which encryption mode, you can manually encrypt a property, or allow BI xPress to choose for you. Any property with a lock icon next to it indicates that the property will be encrypted when it is saved to the configuration file.

Option

Description

No Encryption

This option indicates its regular configuration and no value is encrypted. This is the default option.

Encrypt Sensitive (Auto)

All password properties are encrypted automatically when you select this option. Any property without sensitive information is stored as plain text.

Encrypt Sensitive (Manual)

Password properties are encrypted when "Encrypt" column is checked for selected properties. Any property without sensitive information is stored as plain text.

Encrypt Full Value (Auto)

Encrypt full value of all configurable properties.

Encrypt Full Value (Manual)

Encrypt full value of configurable properties only when "Encrypt" column is checked




6.   After updating the properties and checking to include the property within the Configuration file, click "Next" to go to Summary screen. When you are satisfied, click "Start" to begin creating the encrypted configuration file.


7.   Go to the configuration file location and open the newly created dtsConfig file to inspect XML. You will notice that sensitive information is encrypted.



Important Note

When you select any type of encryption mode, Event Handler code is generated to perform transparent decryption. To remove secure configuration code click on the "Remove Secure Config" button.