Skip to content

Automation (console) security

Note

This feature is available in Lite, Enterprise and Ultimate editions only.

Overview

Automation security in DBeaver allows scheduled tasks to run without manual password entry. This is useful for automating processes such as sending emails or executing database queries in the background.

To use automation security:

  1. Navigate to Window -> Preferences -> General -> Security.
  2. Under Encryption Method, select Automation (console).
  3. Click Apply and Close to save the changes.
  4. Configure password storage ā€“ Use environment variables or a password file to provide credentials.

Warning

Automation security is less secure, as local credentials can be decrypted by anyone with access to the machine. Only enable it on controlled machines where task execution is critical.

Configuration options

You can provide a password in one of the following ways:

Environment variable

Store the password in memory by setting the DBEAVER_MASTER_PASSWORD environment variable. To configure:

  1. Open a terminal or command prompt.
  2. Set the environment variable:
  3. On Windows (PowerShell): 
    $env:DBEAVER_MASTER_PASSWORD="your_password"
  4. On macOS/Linux: 
    export DBEAVER_MASTER_PASSWORD="your_password"

Password file

Store the password in a file and reference it using DBEAVER_MASTER_PASSWORD_PATH. To configure:

  1. Create a text file containing the password. 
    echo "your_password" > /path/to/password_file
  2. Set the environment variable to point to the file:
  3. On Windows (PowerShell): 
    $env:DBEAVER_MASTER_PASSWORD_PATH="C:\path\to\password_file"
  4. On macOS/Linux: 
    export DBEAVER_MASTER_PASSWORD_PATH="/path/to/password_file"
  5. Ensure the password file has restricted permissions: 
    chmod 600 /path/to/password_file

Removing automation security

To remove stored automation security credentials, follow these steps:

Remove the environment variable

If you stored the password using an environment variable, delete it:

  • On Windows (PowerShell): 
    Remove-Item Env:DBEAVER_MASTER_PASSWORD
  • On macOS/Linux: 
    unset DBEAVER_MASTER_PASSWORD

Delete the password file

If you stored the password in a file, delete it securely:

  • On Windows: 
    Remove-Item "C:\path\to\password_file"
  • On macOS/Linux: 
    rm -f /path/to/password_file

After removing automation security, restart DBeaver to apply the changes.