In this article we will show you the list of available SSIS Package Protection Level, and how to apply those setting with example. For this demonstration we are going to use following Integration Service package. Please refer SSIS LOGGING article to understand the package configurations.
You can find the list of SSIS protection levels under the package properties. Please go to the package properties, and then under the Security tab, you can find the Protection Level property. This is the property that you are going to use to protect you package. Following are the list SSIS Package Protection Level:
- DontSaveSensitive: This option will not save any sensitive information in the package. So, if a different user open the package, the sensitive information (passwords) is replaced with blank.
- EncryptSensitiveWithUserKey: This option encrypts the sensitive information using the current user settings. Current user means windows user where the BIDS is running.
- EncryptSensitiveWithPassword: It will encrypt the sensitive information using the password, and save that encrypted information in package. Password for sensitive data is provided by using the PackagePassword property
- EncryptAllWithPassword: This option encrypts the whole package using password. And you have to use the PackagePassword property to assign password. When you open the package in designer, or to run the package with this option, then you have to provide the password.
- EncryptAllWithUserKey: This option uses the current user settings to encrypt the whole package. For example, if Tutorial Gateway is a user that created, or exported package 1 then he can only open, or run that package
SSIS Package Protection Level Example
In order to demonstrate the protection levels in SSIS package, we will create a OLE DB Connection Manager after changing the Protection level. First let me try with DontSaveSensitive. To create a connection, Right click on the control flow region will open the context menu. Please select the New Connection.. option from the menu as we shown below.
When you select the New Connection.. option, an Add SSIS Connection Manager window form will be opened. Here we selected the OLE DB connection manager, and selected the new connection.
Clicking the new button will open Connection Manager window. From the below screenshot, you can observe that we are using PRASAD as the instance, and provided the username and password for SQL authentication. And we selected [AdventureWorks2014] as the database name.
Click OK to close the configuration settings
Now, let me double-click on the newly created OLE DB Connection manager. As you can, it is not showing the password, although we check marked the Save my password option
You can check the same in XML file.
Let me change the Protection level to EncryptSensitiveWithPassword. If you select this option, you have to provide the password to encrypt the sensitive data. To assign the password, please click … button beside the Package password.
Once you click on the … a new window will be popes up asking you to provide the password. As you can see, we had given a random password
Now you can see the encrypted information inside the XML file.
If you change the Protection level to EncryptAllWithPassword, and provided the password. Then the XML file look like the following image. It will not show any information to the user, everything is encrypted.
When you open the package with protection level EncryptAllWithPassword, or EncryptSensitiveWithPassword then following pop up window will be opened. You have to provide the password to run the package
Thank You for Visiting Our Blog
Leave a Reply