How to Set Up Login Credentials for Weaviate Vector DB in Development Environment?

Support
1

Hello Weaviate Community,

I am currently working on setting up a Weaviate Vector DB in our development environment. As part of this setup, I need to configure login credentials to ensure secure access to the database. In our current setup, we use a username and password for logging into our Oracle database, and we store these credentials securely in AWS Secrets Manager.

I am looking for guidance on how to implement a similar setup for Weaviate. Here are a few specific questions I have:

  1. Configuration Files: Which configuration files need to be modified to set up login credentials for Weaviate? Are there any specific parameters that need to be added or updated?
  2. Environment Variables: Is it possible to use environment variables for storing login credentials? If so, what is the recommended way to configure these variables in Weaviate?
  3. AWS Secrets Manager Integration: Can Weaviate integrate with AWS Secrets Manager for storing and retrieving login credentials? If yes, what are the steps to configure this integration?
  4. Authentication Methods: What authentication methods are supported by Weaviate for securing access to the vector database? Are there any preferred methods for a development environment?
  5. Security Best Practices: Are there any security best practices or recommendations for managing and securing login credentials in a development environment, especially when using cloud services like AWS?
  6. Common Pitfalls: What are some common pitfalls or issues that developers might encounter when setting up login credentials for Weaviate, and how can they be avoided?

Any detailed guidance, examples, or references to documentation would be greatly appreciated. Thank you in advance for your assistance!

Best regards

2

Hey!

There are 2 areas you are going to want to potentially explore depending on how you are installing your Weaviate Instance:

  1. If you are using Docker, you will want to reference our documentation here:Authentication | Weaviate
  2. If you are using Kubernetes you will want to reference our documentation here: Kubernetes | Weaviate

These both go over setting up the authentication which does utilizing env variable in either your docker compose or values.yaml file.

You can integrate with AWS Secretes manager by setting the env variables in your docker compose or your values file, then configure the module accordingly. We do have that documented here: Text Embeddings | Weaviate

The methods we offer are API-key or OIDC authentication which is gone over in the above docs!

As far as best practices, I would ensure you are utilizing your Read-only keys for any client that is only performing read operations on your objects and that you utilize ENV variables when possible.

Common pitfalls I’ve seen are users using an admin key for CRUD operations, and not Cycling the API keys when users should no longer have access to them.

I hope this helps!

Joe
Support Engineer
Weaviate