Skip to main content
Version: 3.25

Access control

Access groups

You can control access to applications, authorizations, secrets, and variables in this access group.

Create Access Group in DevOps Secret Manager

  1. Go to DevOps Secret Manager ➔ Access control ➔ Access Group

  2. Click on New Group in the Actions menu

Settings tab

  • Access group name*: Set a name to identify the access group

  • Active*: Indicates if the group will be active in senhasegura

  • Description: add a description of the access group

Secrets view configuration

  • Users can view secrets: Check if users in this access group have permission to view secrets

  • Require justification: Check if the user needs to justify an action

  • Requires Approval: Check whether approval is required to authorize the action

  • Approval in levels: Check if senhasegura will result in approvals by level by measure granted.

  • task trials: Set the number of visual proofs to perform tasks

  • Mandatory to specify the governance code when justifying?*: Set the filling in of the governance code is mandatory

  • Possible disapprovals for termination: The number of disapprovals offered for the execution to be canceled

  • Always add the mandatory manager to approved users?*: Define whether the manager will be added to approved users

Criteria tab
info

You can use the wildcard [#username#], which will be replaced by the username during the access processing.

Application

  • Application name (comma-separated): Fill in the application names separated by a comma
  • Application Tags (comma-separated): Fill in the Application Tags, separating them with a comma
  • Business Line: Check the Main Business option if applicable to your access group
  • Type: Set the sector of the access group Business, DevOps and Security

Authorizations

  • systems (comma-separated): Fill in the systems that you want to authorize for this access group
  • environments (comma-separated): Fill in the environments you want to authorize for this access group
info

Access will only be granted to authorization belonging to applications granted by the applicable rules of this access group.

Secrets

  • Name of secrets (comma-separated): Name given to the secret that was created
  • Secret environments (comma-separated): Location where the secret is stored
  • Secret tags (comma-separated): Tags used for secret segregation
info

Access will only be granted to secrets that:

  • Do not belong to any authorization
  • Belong to the authorization granted by the authorization rules of this access group
Users tab

In the Users tab, add the users who will be part of this access group.

Approvers tab

On the Approvers tab, add the approving users who will be part of this access group.

  1. Click Save after filling in all required information

My requests

Group members who need approval for their activities to monitor the status of the requested approval, go to the menu: DevOps Secret Manager ➔ Access Control ➔ My Requests

The report displays the requests made by the user and whether they have already been: approved, are still pending, rejected, expired, or canceled. To learn more about requests, click the request's action button.

My approvals

Approved users will be able to view a report on their approvals and access the menu: DevOps Secret Manager ➔ Access Control ➔ My Approvals

This screen shows user approvals such as status, requester, reason, and validity. If it is pending approval, you can approve or disapprove a request using the Approve and Disapprove buttons. To learn more about requests, click the request's action button.