Prerequisites

To get the most out of this guide, you will need to:

Features

The table below outlines the features available for this type of connection.

  • Native - This refers to when a database client connects through a specific protocol, such as an IDE or client libraries through hoop connect <connection-name>.
  • One Off - This term refers to accessing this connection from hoop web panel.
FeatureNativeOne OffDescription
TLS Termination ProxyThe local proxy terminates the connection with TLS, enabling the connection with the remote server to be TLS encrypted.
AuditThe gateway stores and audits the queries being issued by the client
Data Masking (Google DLP)A policy can be enabled to mask sensitive fields dynamically when performing queries in the database.
Data Masking (MS Presidio DLP)A policy can be enabled to mask sensitive fields dynamically when performing queries in the database.
Credentials OffloadThe user authenticates via SSO instead of using the service credentials.
Interactive AccessInteractive access is available when using an IDE or connecting via a terminal for analysis exploration.

Configuration

NameRequiredDescription
CQLSH_KEYSPACEyesThe keyspace target
CQLSH_HOSTyesThe host of the Cassandra cluster
CQLSH_PORTnoThe Vault Token. Defaults to 9043
CQLSH_USERnoThe user can connect in the Cassandra cluster.
CQLSH_PASSWDnoThe password to connect in the Cassandra cluster.

Connection Setup

hoop admin create conn my-cqlsh-test -a <agent> \
  -e CQLSH_KEYSPACE=<keyspace> \
  -e CQLSH_HOST=<host> \
  -e CQLSH_USER=<user> \
  -e CQLSH_PASSWD=<user> \
 -- cqlsh

Connection Usage

hoop exec my-cqlsh-test -i 'SELECT * FROM table1;'