A secret is a set of sensitive information, such as credentials, access keys and key and value pair.
The secrets can be queried by applications or scripts through API calls using authorizations with access policies and through automations created directly in the solution, where the secrets will be actively injected, changed and deleted without the need to change the application code.
Register a secret
To register a secret, go to the menu: DSM ➔ Secret Management ➔ Secrets
- In the report's action buttons, click New secret;
- In the Main tab, fill in the following fields:
- Name: Name of the secret for management within senhasegura;
- Identity: Secret identifier. Using this identifier the applications were able to find the file or variable that will be created;
- Enabled: Flag if this secret is available to be used by the applications;
- Expiration date: Date on which the secret will be automatically inactivated; caution
When expired, the secret information will be deleted. Some information, such as Access keys, cannot be retrieved.
- Engine: Engine to be used;
- Description: Secret' usage description aligned with the client's business rule. Will not be used by applications;
- In the Cloud Credentials tab, select the cloud credentials that will be part of the secret;
- In the Credentials tab, select the credentials that will be part of the secret;
- In the Ephemeral Credentials tab, select the provisions that will be part of the secret;
- In the Key/Value tab, fill a key and sensitive value pair. The name and value must obey the criteria of the applications and environments where they will be published;
- In the Auto-renew tab, it is possible to determine an amount of time to the secret renewal to Cloud credentials, Ephemeral Credentials, and Credentials through the parameters: Enable, Renew Every, Minutes;
- To finish click on Save;
To view the secrets as plain-text follow the menu: DSM ➔Secret Management ➔Secrets.
On this screen, you can view the existing secrets along with information such as Engine, identifier, status, version and expiration date.
Viewing versions of a secret
To view the secrets history follow the menu: DSM ➔Secret Management ➔Secrets.
- In the action column of the secret row, click on the option Secret versions;
- On the screen presented, click on View history button for the version you want to view;
- Finally, click on the View information action to view the information;