Skip to main content
Version: 3.21

Secrets

A secret is a set of sensitive information, such as credentials, access keys and key and value pair.

The secrets can be queried by applications or scripts through API calls using authorizations with access policies and through automations created directly in the solution, where the secrets will be actively injected, changed and deleted without the need to change the application code.

Register a secret

To register a secret, go to the menu: DSM ➔ Secret Management ➔ Secrets

  1. In the report's action buttons, click New secret;
    Secret registration form
  2. In the Main tab, fill in the following fields:
    • Name: Name of the secret for management within senhasegura;
    • Identity: Secret identifier. Using this identifier the applications were able to find the file or variable that will be created;
    • Enabled: Flag if this secret is available to be used by the applications;
    • Expiration date: Date on which the secret will be automatically inactivated;
      caution

      When expired, the secret information will be deleted. Some information, such as Access keys, cannot be retrieved.

    • Engine: Engine to be used;
    • Description: Secret' usage description aligned with the client's business rule. Will not be used by applications;
  3. In the Cloud Credentials tab, select the cloud credentials that will be part of the secret;
  4. In the Credentials tab, select the credentials that will be part of the secret;
  5. In the Ephemeral Credentials tab, select the provisions that will be part of the secret;
  6. In the Key/Value tab, fill a key and sensitive value pair. The name and value must obey the criteria of the applications and environments where they will be published;
  7. In the Auto-renew tab, it is possible to determine an amount of time to the secret renewal to Cloud credentials, Ephemeral Credentials, and Credentials through the parameters: Enable, Renew Every, Minutes;
  8. To finish click on Save;

Secrets viewing

To view the secrets as plain-text follow the menu: DSM ➔Secret Management ➔Secrets.

On this screen, you can view the existing secrets along with information such as Engine, identifier, status, version and expiration date.

Secrets report

Viewing versions of a secret

To view the secrets history follow the menu: DSM ➔Secret Management ➔Secrets.

  1. In the action column of the secret row, click on the option Secret versions;
    Secret versions
  2. On the screen presented, click on View history button for the version you want to view;
  3. Finally, click on the View information action to view the information;