Contact Us 1-800-596-4880
  1. Homepage
  2. Runtime Fabric (3.0)
  3. Hardening Mule Apps

  4. Protecting Mule App Property Values Using RTFCTL

Protecting Mule App Property Values Using RTFCTL

Secure application properties are added in the Runtime Fabric cluster locally, stored securely, and scoped per environment. These properties are accessible in unencrypted form by Mule applications deployed in the scoped environment as custom properties.

Runtime Fabric protected properties always take precedence over application-level properties.

Install rtfctl

The rtfctl utility is required to manage protected properties on Runtime Fabric locally. Follow the steps to install rtfctl before continuing with managing secure properties.

Set Secure Properties

  1. Log into a controller node where rtfctl is installed.

  2. Run the following command to set a secure property to the Runtime Fabric under a specific environment, substituting the placeholder fields:

    rtfctl apply secure-property --key <key> --value <value> --app-namespace <app_namespace> --namespace <rtf_namespace>

    • <key>: The key for the secure property used in the Mule application to reference the value.

    • <value>: The value for the secure property to store.

    • <app_namespace>: The actual namespace to scope this secure property to. Only applications deployed to this namespace have access to this secure property.

    • <rtf_namespace>:System namespace scope, defaults to rtf.

When applying secure properties to applications deployed in customized namespaces, you must specify the actual namespace name in the --app-namespace parameter, not the environment ID or the default namespace name. For example, if you created a customized namespace named my-custom-namespace, use that name in the command:

+

rtfctl apply secure-property --key test --value test --app-namespace my-custom-namespace --namespace rtf

View Secure Properties

  1. Log into a controller node where rtfctl is installed.

  2. Run the following command to view the secure properties applied to the Runtime Fabric under a specific environment, substituting the placeholder fields:

    sudo ./rtfctl get secure-properties -n <environment_id>

    • <environment_id>: The Anypoint environment ID to list the secure properties under.

Access Secure Properties

You can access secure properties from inside your Mule application using $key, which is the key provided in the rtfctl apply command. You can retrieve the key the same way you retrieve any other configuration property.

Remove Secure Properties

  1. Log into a controller node where rtfctl is installed.

  2. Run the following command to remove a secure property from the Runtime Fabric in a specific namespace:

    sudo ./rtfctl delete secure-property <my_key> -n <namespace>

    • <my_key>: The key used in the Mule application to reference the secure property.

    • <namespace>: The namespace in which the secure property applies.

See Also