Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

Vault is a repository that keeps confidential information secured in the Database. Vault provides a robust security level, by adding more security while saving and accessing the classified data. Instead of storing information as a plain text, Vault is used to securely save and fetch data in an encrypted form. The following services use Vault:

  • Database Info
  • Custom Plugin
  • Web Service REST Consumer
  • Put-Context-Var Action

 

 Create Vault and Keys

To create a Vault and define its custom keys to store and fetch passwords:

  1. Go to Develop > Services > Security Vault



  2. Click Create New.



  3. Type the name and description of the new Vault.


  4. You can change Vault Alias before you hit Save. Once saved, you cannot modify the field.

    Note

    The Vault Alias is a unique field.

  5. Type in a key and its value.

  6. Click Add to add a new Parameter.



  7. Click  to view the hidden values. Click  to mask the password. To delete a parameter, click  in front of it.



  8. Expand Advanced Properties to change the project and owner of this vault. Also provide permission of Read, Write, and Execute to Owner, Group, and Others. Click here for more information on how permissions work.
  9. Click Save.
 Using Vault

The URL we use in any application contains some confidential information like password which is passed as a plain text. To enhance the security, use vault to encrypt the password instead of providing the password as a plain text. Before using it in the URL, click here to create a new Vault.

After you have created a vault, write the following syntax in the URL of the JDBC drivers (given in the table below) replacing the confidential information:

{Vault.aliasName.key}

where,
Following an opening curly parentheses, 'Vault' is a keyword to be used every time (V in 'Vault' is UPPERCASE).
aliasName is the Vault Alias, where the parameter, which stores the confidential data, is defined.
key is the parameter which stores the confidential data.
Finally closed by a closing curly parentheses.
A period is used as a separator between Vault and aliasName; and aliasName and key.

Now if a REST Consumer Web Service is using vault for storing and fetching a password, we define the URL in the form:
http://server:host?username=<username>&password={Vault.aliasName.key}

For example-
http://192.168.1.195:8080?username=admin&password={Vault.safe.client_key}

 Edit Vault
  1. Click the Vault Name or, Click  next to the Vault you wish to edit, and select Edit.



  2. You can edit the information in the window that appears. Note that you cannot rename Alias once it is created. Other details that cannot be modified are 'Creation Date', 'Modified Date' and, 'Last Modified by'.



  3. Click Save.
 View Vault
  1. Click  next to the Vault you wish to view.
  2. Click 'View'. A new window will open up with information about the vault.

 



  • No labels