[jira] [Created] (FLINK-38685) Flink Postgres CDC connector logs the database password

Fri, 14 Nov 2025 03:59:20 -0800 

Tejansh Rana created FLINK-38685:
------------------------------------

             Summary: Flink Postgres CDC connector logs the database password
                 Key: FLINK-38685
                 URL: https://issues.apache.org/jira/browse/FLINK-38685
             Project: Flink
          Issue Type: Bug
          Components: Flink CDC
            Reporter: Tejansh Rana


The Flink Postgres CDC connector, when initialising, logs the complete 
connector configuration, including the {{database.password}} property, in plain 
text to the TaskManager logs.

*Steps to Reproduce:*
 # Start a Flink Cluster (or run a local Flink job).

 # Create a DataStream application using the 
flink-connector-postgres-cdc
 # Ensure the configuration contains {{{}database.password{}}}.

 # Start the job.

 # Examine the TaskManager logs 

*Observed Behavior:*

The log contains a line similar to

 

{{2025-11-14 11:04:29,954 INFO  
org.apache.flink.cdc.connectors.postgres.source.fetch.PostgresSourceFetchTaskContext
 [] - PostgresConnectorConfig is 
{connector.class=io.debezium.connector.postgresql.PostgresConnector, 
slot.name=flink_cdh_sample_1_3, schema.include.list=public, 
provide.transaction.metadata=true, include.schema.changes=false, 
database.sslmode=require, database.history.skip.unparseable.ddl=true, 
database.sslfactory=org.postgresql.ssl.NonValidatingFactory, 
database.history.instance.name=6d5b0651-f15b-49f3-a210-32a4654158de_3, 
database.tcpKeepAlive=true, database.dbname=foo_sample, database.user=foo_user, 
slot.drop.on.stop=true, database.history.refer.ddl=true, 
database.server.name=postgres_cdc_source, heartbeat.interval.ms=0, 
plugin.name=pgoutput, database.port=5432, database.hostname=postgres, 
{color:#FF0000}database.password=postgres{color}, database.sslrootcert=, 
table.include.list=public.foo_sample_users, 
database.history=org.apache.flink.cdc.connectors.base.source.EmbeddedFlinkDatabaseHistory,
 snapshot.mode=never}}}

 

 

See - 
[https://github.com/apache/flink-cdc/blob/7a6bfd85df5fed9b2c0e0dda8e8492a682c429f6/flink-cdc-connect/flink-cdc-source-connectors/flink-connector-postgres-cdc/src/main/java/org/apache/flink/cdc/connectors/postgres/source/fetch/PostgresSourceFetchTaskContext.java#L171]
 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to