Users with Read-Only access can no longer see Database credentials

Broadly speaking, two levels of access can be granted to Users through Aptible Roles on a per-Environments basis

  • Manage Access: Provides Users with full read and write permissions on all resources in a particular Environment.
  • Read Access: Provides Users with read-only access to all resources in an Environment, including App configuration and Database credentials.

While Users with read access are not allowed to make any changes, or create Ephemeral SSH Sessions or Database Tunnels, they were still able to view credentials of their Aptible-managed Databases. This was possible either through the Database dashboard or through the CLI with the [aptible db:url] and the APTIBLE_OUTPUT_FORMAT=json aptible db:list commands.

For heightened security, Users with read access can no longer see Database Credentials, both in the UI or through the CLI.

Now, when clicking Reveal in the Database dashboard, read access Users will see a pop-up window that does not reveal the connection URL for the said database.

The same is true in the CLI.

When using the aptible db:url HANDLE command in the CLI, Users with read access will see the following message that no longe reveals the Database connection URL.

No default credential for database, valid credential types: 

When using the APTIBLE_OUTPUT_FORMAT=json aptible db:list command, read access Users will see empty values for their Database connection URL and credentials. Here's an example:

    "id": 2,
    "handle": "logs",
    "created_at": "2021-08-30 13:44:43 UTC",
    "type": "elasticsearch",
    "version": "2.2",
    "status": "provisioned",
    "connection_url": null,
    "credentials": [

    "environment": {
      "id": 1,
      "handle": "example",
      "created_at": "2021-08-27 20:24:55 UTC"
    "disk_type": "gp3",
    "disk_size": 10,
    "disk_modification_progress": null,
    "disk_modification_status": null,
    "disk_provisioned_iops": 3000,
    "container_size": 1024

Note: If your teams have passed the Database connection URL as an environment variable, Users with read access can still read this set configuration.