This documentation site is not updated. The new documentation can now be found on documentation.red-gate.com

Poll

Authentication

In order to log in to your database, the typical approach is to set your username and password in the Flyway configuration file. This however has some concerns:

These properties are stored in plain text - anyone can see your credentials
Your credentials must be supplied in every configuration file you use
You may not have access to these credentials, and someone else needs to configure them securely

Flyway comes with additional authentication mechanisms that tackle these concerns.

Environment Variables

By storing your username and password in the environment variables FLYWAY_USER and FLYWAY_PASSWORD respectively, they can be configured once and used across multiple Flyway configurations. They can also be set by someone who has the relevant access, so they do not end up being leaked to any unwarranted parties.

Database Specific Authentication

Oracle

Oracle Wallet

SQL Server and Azure Synapse

MySQL

MySQL Option Files Flyway Teams

PostgreSQL

Snowflake

Key-based Authentication

Platform Specific Authentication

AWS IAM

Configure the JDBC URL to point to an AWS RDS instance: flyway.url=jdbc:mysql://<RDS_INSTANCE_HOSTNAME>:<RDS_INSTANCE_PORT>

Set flyway.user to be the database user and flyway.password to be the IAM authentication token: flyway.password=<AuthToken>

You can read more about AWS IAM in Java applications here.

AWS Secrets Manager

PASS Data Community Summit

Flyway Documentation