Syncovery Support Forum

Posted: **Thu Nov 10, 2022 5:23 am**

My company has a policy for secret key rotations every month.
Is it possible to configure Syncovery to fetch the secret key from a file?

Thanks in advance!

Dean.

Posted: **Thu Nov 10, 2022 9:02 am**

Hello,
yes, it can be read from a text file using a PascalScript, please see
https://www.syncovery.com/pascalscript/

I hope I can write an example tomorrow.

Posted: **Sun Nov 13, 2022 5:51 am**

tobias wrote: Thu Nov 10, 2022 9:02 am Hello,
yes, it can be read from a text file using a PascalScript, please see
https://www.syncovery.com/pascalscript/

I hope I can write an example tomorrow.

Hi.
Thank you for the quick reply.
An example script would be very helpful.
Thanks again.

Posted: **Sun Nov 13, 2022 9:35 am**

Here it is. You can put it in each profile via Job->PascalScript, or globally for all profiles via the Program Settings dialog, tab sheet Advanced.

Code: Select all

const cTextFilePath='C:\code19\X.txt';

function OnGetProfilePathBeforeListing(const isRightSide:Boolean;
        var Path,UserName,Password:UnicodeString;
        var AuthKey,AuthKeyPassword:AnsiString;
        var Port:Integer):Boolean;
var F:Opaque;
    NewPass:UnicodeString;
begin
  if Copy(Path,1,5)='S3://' then begin
     F:=OpenTextFile(cTextFilePath);
     if F<>0 then begin
        NewPass:=ReadLine(F);
        CloseFile(F);

        if (NewPass<>'') and (NewPass<>Password) then begin
           Password:=NewPass;
           if isRightSide then
              SetProfileProperty('RightPassword',NewPass)
           else
              SetProfileProperty('LeftPassword',NewPass);
           SaveProfileSettings;
           end;
        end;
     end;
  Result:=true;
  end;

Posted: **Thu Aug 21, 2025 7:06 pm**

I was able to achieve this with the updated Pascal script, using the correct 'Auth%' properties.

Code: Select all

const cTextFilePath='C:\code19\X.txt';

function OnGetProfilePathBeforeListing(const isRightSide:Boolean;
        var Path,UserName,Password:UnicodeString;
        var AuthKey,AuthKeyPassword:AnsiString;
        var Port:Integer):Boolean;
var F:Opaque;
    NewAccessID, NewSecretKey:UnicodeString;
begin
  if Copy(Path,1,5)='S3://' then begin
     F:=OpenTextFile(cTextFilePath);
     if F<>0 then begin
        NewAccessID:=ReadLine(F);
        NewSecretKey:=ReadLine(F); // Read the second line for the Secret Key
        CloseFile(F);

        if (NewAccessID<>'') and (NewSecretKey<>'') then begin
           // Check and update Access ID
           if NewAccessID<>AuthKey then begin
              AuthKey:=NewAccessID;
              if isRightSide then
                 SetProfileProperty('RightAuthKey',NewAccessID)
              else
                 SetProfileProperty('LeftAuthKey',NewAccessID);
              SaveProfileSettings;
           end;

           // Check and update Secret Key
           if NewSecretKey<>AuthKeyPassword then begin
              AuthKeyPassword:=NewSecretKey;
              if isRightSide then
                 SetProfileProperty('RightAuthKeyPassword',NewSecretKey)
              else
                 SetProfileProperty('LeftAuthKeyPassword',NewSecretKey);
              SaveProfileSettings;
           end;
        end;
     end;
  end;
  Result:=true;
end;

Posted: **Thu Aug 21, 2025 7:25 pm**

Hello,
that's very interesting! The parameter AuthKey actually refers to the internal ID of a private key registered in Syncovery. This setting is not relevant for S3. It could be relevant for SFTP though. Maybe your use case is different from the original post?

Also, the lines SetProfileProperty('RightAuthKey',NewAccessID) and SetProfileProperty('LeftAuthKeyPassword',NewSecretKey) do nothing because these profile properties do not exist.

Posted: **Fri Aug 22, 2025 6:32 pm**

Can you please indicate the name of the property name for both Left & Right 'Access ID' and 'Secret Key' (as illustrated above) for us to appropriately set, as they both rotate.

Posted: **Fri Aug 22, 2025 7:37 pm**

Hello,
the key ID is simply the UserName variable/parameter in this function.

To set it in the profile, you can use 'LeftUser' and 'RightUser' for the call to SetProfileProperty.

The Secret Key is the password as used in the original function that I posted.

Posted: **Fri Aug 22, 2025 11:21 pm**

That did the trick. Thank you so much..

Please find below the Sample Working Script

Code: Select all

const cTextFilePath='X:\Win64\AWSAccessKeys\s3-user.txt';

function OnGetProfilePathBeforeListing(const isRightSide:Boolean;
        var Path,UserName,Password:UnicodeString;
        var AuthKey,AuthKeyPassword:AnsiString;
        var Port:Integer):Boolean;
var F:Opaque;
    NewAccessID, NewSecretKey:UnicodeString;
begin
  if Copy(Path,1,5)='S3://' then begin
     F:=OpenTextFile(cTextFilePath);
     if F<>0 then begin
        NewAccessID:=ReadLine(F);
        NewSecretKey:=ReadLine(F); // Read the second line for the Secret Key
        CloseFile(F);

        if (NewAccessID<>'') and (NewSecretKey<>'') then begin
           // Check and update Access ID
           if NewAccessID<>AuthKey then begin
              AuthKey:=NewAccessID;
              if isRightSide then
                 SetProfileProperty('RightUser',NewAccessID)
              else
                 SetProfileProperty('LeftUser',NewAccessID);
              SaveProfileSettings;
           end;

           // Check and update Secret Key
           if NewSecretKey<>AuthKeyPassword then begin
              AuthKeyPassword:=NewSecretKey;
              if isRightSide then
                 SetProfileProperty('RightPassword',NewSecretKey)
              else
                 SetProfileProperty('LeftPassword',NewSecretKey);
              SaveProfileSettings;
           end;
        end;
     end;
  end;
  Result:=true;
end;

Posted: **Sat Aug 23, 2025 9:05 am**

Hi,
just a small correction, you should be using UserName instead of AuthKey and Password instead of AuthKeyPassword:

Code: Select all

const cTextFilePath='X:\Win64\AWSAccessKeys\s3-user.txt';

function OnGetProfilePathBeforeListing(const isRightSide:Boolean;
        var Path,UserName,Password:UnicodeString;
        var AuthKey,AuthKeyPassword:AnsiString;
        var Port:Integer):Boolean;
var F:Opaque;
    NewAccessID, NewSecretKey:UnicodeString;
begin
  if Copy(Path,1,5)='S3://' then begin
     F:=OpenTextFile(cTextFilePath);
     if F<>0 then begin
        NewAccessID:=ReadLine(F);
        NewSecretKey:=ReadLine(F); // Read the second line for the Secret Key
        CloseFile(F);

        if (NewAccessID<>'') and (NewSecretKey<>'') then begin
           // Check and update Access ID
           if NewAccessID<>UserName then begin
              UserName:=NewAccessID;
              if isRightSide then
                 SetProfileProperty('RightUser',NewAccessID)
              else
                 SetProfileProperty('LeftUser',NewAccessID);
              SaveProfileSettings;
           end;

           // Check and update Secret Key
           if NewSecretKey<>Password then begin
              Password:=NewSecretKey;
              if isRightSide then
                 SetProfileProperty('RightPassword',NewSecretKey)
              else
                 SetProfileProperty('LeftPassword',NewSecretKey);
              SaveProfileSettings;
           end;
        end;
     end;
  end;
  Result:=true;
end;

Syncovery Support Forum

Is it possible to auto rotate S3 secret key?

Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?

Re: Is it possible to auto rotate S3 secret key?