Security access key configuration
Configure Vault Authentication Configurations.
Password Authentication
Enable Password Authentication to allow users to access vault data by using username/password authentication.
Access Key Authentication
Enable Access Key Authentication to allow generation of AWS-style credentials for user accounts. These credentials can be used to perform AWS authentication for S3 requests.
Press Update or Cancel.
To establish access keys for an account, do the following steps.
- Enable Access Key Authentication.
- The target account must exist or be created. Accounts that are created while Access Key Authentication is enabled no longer require a username/password to be set.
- Create access keys for the target account in the Access Key Authentication (Security > Account > Access Key Authentication).
Upon enabling Access Key Authentication, the Access Key Authentication section appears on the account page, and the Create Account flow allows an account to be created without requiring a username and password. An account can be disabled by the Security Officer or Super User, which prevents vault access and the ability to log in to the manager. Individuals with these roles can also re-enable the account.
Hide Secret Access Key
When this feature is enabled, Secret Access Keys are no longer accessible, except one time during creation, on user account pages and APIs. Any existing Access Keys before you enable the feature are kept but the Secret Keys are no longer accessible. The feature can be enabled with or without existing Access Keys. To disable the feature, any existing Access Keys must be deleted. It cannot be disabled when active Access Keys in the system exist. A password is needed to enable and disable the feature.
Secret Keys are one-time available when you create new Access Keys. It is accessible on the page and csv export is available for download.