Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.maia.ai/llms.txt

Use this file to discover all available pages before exploring further.

Refreshing a ‘s credentials lets you generate a new client_secret for the in , to authenticate with the application in your infrastructure. You may wish to do this if, for example, your security policy requires that you change secrets on a regular basis.
This action will revoke existing credentials and result in disconnecting a running . You must replace your credentials and restart the to reconnect. Ensure you have no pipelines running on the when you use this feature.

How to refresh Maia runner credentials

  1. In the left navigation, click s. Then, select Runners from the menu.
  2. Locate your , and click the three dots , then click Runner details.
  3. Click the Credentials tab.
  4. Click Refresh.
  5. When asked for confirmation, type the word refresh and click Refresh credentials.
  6. When you receive a notification that the credentials are refreshed, you can click Reveal to show the new secret that has been generated.
Apply the new credentials to the in AWS or Azure. If the s have been installed using the provided templates for ECS and Container Apps, then the following guides for AWS or Azure may be used. Until this is done, the status will show as Unknown in the Runners list, and the can’t be used to run pipelines.

Apply the new credentials (AWS)

Once you have refreshed credentials on the Runner details page, follow this process to update your AWS-hosted to use the new credentials. The client_secret used by the is held in your AWS Secrets Manager. The app contains a pointer to this secret, which will not change. To update the secret:
  1. Log in to the AWS Console and locate the ECS service running your . Note the name assigned to the .
  2. In Secrets Manager, locate and select the secret that corresponds to the name you noted.
  3. Click Retrieve secret value to display the existing value, then click Edit.
  4. Copy in the refreshed client_secret value you obtained from . Don’t change the secret name.
  5. Click Save.
Now restart the , as described in Restart a .

Apply the new credentials (Azure)

Once you have refreshed credentials on the Runner details page, follow this process to update your Azure-hosted to use the new credentials.
  1. In the Azure portal, select the Container App that holds your .
  2. In the Container App’s sidebar menu, select Application then containers.
  3. Click the Environment variables tab.
  4. The OAUTH_CLIENT_SECRET variable tells you the name of the secret that holds the client_secret.
  5. In the Container App’s sidebar menu, click SettingsSecrets and locate the secret name you determined above.
  6. Click the edit (pencil) icon next to the secret to edit its value.
  7. Copy the refreshed client_secret you obtained from and paste it into the Value field.
  8. Click the checkbox at the bottom to acknowledge that you want to proceed with the change.
  9. Click Save.
Now restart the , as described in Restart a .

Apply the new credentials (Snowflake)

Once you have refreshed credentials on the Runner details screen, you need to update the secret entry in the Snowflake vault. The client_secret used by the is held in your Snowflake vault. Read Secrets in Matillion for Snowflake for details.