#!/bin/bash # A script to interactively manage SAP HANA hdbuserstore keys. # --- Style Definitions --- COLOR_BLUE='\033[1;34m' COLOR_GREEN='\033[1;32m' COLOR_YELLOW='\033[1;33m' COLOR_RED='\033[1;31m' COLOR_NC='\033[0m' # No Color HDB_EXECUTABLE_PATH="/usr/sap/hdbclient/hdbuserstore" # --- Function: Create New Key --- create_new_key() { echo -e "\n${COLOR_BLUE}🔑 --- Create New Secure Key ---${COLOR_NC}" read -p "Enter the Key Name [CRONKEY]: " key_name read -p "Enter the HANA Host [hanasrv]: " hdb_host read -p "Enter the Instance Number [00]: " hdb_instance read -p "Enter the Tenant DB [NDB]: " hdb_tenant read -p "Enter the Database User [SYSTEM]: " hdb_user read -sp "Enter the Database Password: " hdb_pass echo "" key_name=${key_name:-"CRONKEY"} hdb_host=${hdb_host:-"hanasrv"} hdb_instance=${hdb_instance:-"00"} hdb_tenant=${hdb_tenant:-"NDB"} hdb_user=${hdb_user:-"SYSTEM"} CONNECTION_STRING="${hdb_host}:3${hdb_instance}15@${hdb_tenant}" echo -e "\n${COLOR_YELLOW}📝 Review the command below (password is hidden):" echo "------------------------------------------------------" printf "${HDB_EXECUTABLE_PATH} SET \"%s\" \"%s\" \"%s\" \"\"\n" "$key_name" "$CONNECTION_STRING" "$hdb_user" echo -e "------------------------------------------------------${COLOR_NC}" read -p "❓ Execute this command? (y/n): " execute_now if [[ "$execute_now" =~ ^[Yy]$ ]]; then echo -e "\n${COLOR_GREEN}⚙️ Executing command...${COLOR_NC}" if "$HDB_EXECUTABLE_PATH" SET "$key_name" "$CONNECTION_STRING" "$hdb_user" "$hdb_pass"; then echo -e "${COLOR_GREEN} ✅ Success! Key '${key_name}' stored securely.${COLOR_NC}" else echo -e "${COLOR_RED} ❌ Error: Failed to store key '${key_name}'. Please check details and credentials.${COLOR_NC}" fi else echo -e "\n${COLOR_YELLOW}🛑 Execution aborted by user.${COLOR_NC}" fi } # --- Function: Delete Key --- delete_key() { echo -e "\n${COLOR_BLUE}🗑️ --- Delete Existing Secure Key ---${COLOR_NC}" keys=$("$HDB_EXECUTABLE_PATH" list 2>/dev/null | tail -n +3 | grep '^KEY ' | awk '{print $2}') if [ -z "$keys" ]; then echo -e "${COLOR_YELLOW}🤷 No keys found to delete.${COLOR_NC}" return fi PS3=$'\nPlease select a key to delete (or Ctrl+C to cancel): ' select key_to_delete in $keys; do if [ -n "$key_to_delete" ]; then read -p "❓ PERMANENTLY delete the key '$key_to_delete'? (y/n): " confirm if [[ "$confirm" =~ ^[Yy]$ ]]; then echo -e "\n${COLOR_GREEN}⚙️ Deleting key '$key_to_delete'...${COLOR_NC}" if "$HDB_EXECUTABLE_PATH" DELETE "$key_to_delete"; then echo -e "${COLOR_GREEN} ✅ Success! Key '$key_to_delete' has been deleted.${COLOR_NC}" else echo -e "${COLOR_RED} ❌ Error: Failed to delete the key.${COLOR_NC}" fi else echo -e "\n${COLOR_YELLOW}🛑 Deletion aborted by user.${COLOR_NC}" fi break else echo -e "${COLOR_RED}❌ Invalid selection. Try again.${COLOR_NC}" fi done } # --- Main Menu --- while true; do echo -e "\n${COLOR_BLUE}🔐 ========== SAP HANA Secure User Store Key Manager ==========${COLOR_NC}" echo "1) Create a New Key" echo "2) Delete an Existing Key" echo "3) Exit" read -p $'\nPlease select an option: ' choice case $choice in 1) create_new_key ;; 2) delete_key ;; 3) echo "👋 Exiting." exit 0 ;; *) echo -e "${COLOR_RED}❌ Invalid option '$choice'. Please try again.${COLOR_NC}" ;; esac done