Managing Vault secret stores
Manage secret stores from the Secret Store tab by creating secret stores and adding AppRoles to a secret store.
- Click Create Vault Secret Store.
- Configure the secret store in the Manage Vault Secret Store window:

  | Parameter | Description |
  | --- | --- |
  | Name | Identifies the Vault secret store name. |
  | Description | Conveys more information about the Vault. |
  | Teams | Allows access to a Vault secret store for specific teams. |
  | URL | Indicates the Vault server address. |

  Note: The secret store name field does not allow characters other than a-z, A-Z, 0-9, and -.
- Save your changes.
  The secret store is listed on the Secret Stores page.
- Add AppRole to the secret store.
  - Click the secret store where you want to add the AppRole.
    The Configuration page is displayed.
  - Click App Roles.
  - Click Create Vault AppRole.
    The Manage Vault AppRole window is displayed.
  - Configure the AppRole in the Manage Vault AppRole window:

    | Parameter | Description |
    | --- | --- |
    | Name | Identifies the Vault AppRole name. |
    | AppRole Id | Specifies the RoleID of the AppRole. |
    | Secret Id | Specifies the SecretID of the AppRole. |
    | Teams | Allows access to an AppRole for specific teams. |

    Note: The AppRole name field does not allow characters other than a-z, A-Z, 0-9, and -.
  - Save your changes.
    The AppRole is added to the Vault AppRoles page.
- Create a process with a step that references a Vault property with the syntax:
  ${p:secret:vault:<secretStoreName>:<vaultAppRoleName>:<vaultSecretPath>:<vault-key>}
  You can use the Vault property in an automation or source config plug-in step.
- Run the process.
  When the process runs and reaches the step where the property is defined, the process validates and authenticates the credentials from the Vault.
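
Because a reference is only validated when the process reaches the step, a pre-run check of step text can catch malformed references earlier. The following Python check is an added example, not part of the product or its documentation: it parses ${p:secret:vault:...} references, applies the name rule from the notes above, and compares each reference with a list of configured secret stores and AppRoles. The sample step text, the store and AppRole names, and the assumption that the secret path and key contain no colon are constructed for illustration.

```python
import re

# Name rule stated on the page: only a-z, A-Z, 0-9 and "-" are allowed.
NAME_RE = re.compile(r"[A-Za-z0-9-]+")
# Any ${p:secret:vault:...} reference, captured up to the closing brace.
REF_RE = re.compile(r"\$\{p:secret:vault:([^}]*)\}")


def parse_vault_refs(text):
    """Return (refs, errors) for each Vault reference in text. Assumption: path
    and key contain no ':', so the body has four fields: store, AppRole, path, key."""
    refs, errors = [], []
    for m in REF_RE.finditer(text):
        fields = m.group(1).split(":")
        if len(fields) != 4 or not all(fields):
            errors.append((m.group(0), "expected store:appRole:path:key"))
            continue
        store, approle, path, key = fields
        if not NAME_RE.fullmatch(store):
            errors.append((m.group(0), "invalid secret store name"))
        elif not NAME_RE.fullmatch(approle):
            errors.append((m.group(0), "invalid AppRole name"))
        else:
            refs.append({"store": store, "approle": approle,
                         "path": path, "key": key})
    return refs, errors


def unknown_refs(refs, configured):
    """List references whose (store, AppRole) pair is not in `configured`."""
    return [r for r in refs if (r["store"], r["approle"]) not in configured]


# Constructed sample step text and inventory (hypothetical names).
SAMPLE_STEP = """
db.password=${p:secret:vault:prod-vault:deploy-role:secret/data/db:password}
api.token=${p:secret:vault:prod_vault:deploy-role:secret/data/api:token}
ssh.key=${p:secret:vault:prod-vault:deploy-role:secret/data/ssh}
smtp.pass=${p:secret:vault:dev-vault:mail-role:secret/data/smtp:pass}
"""
CONFIGURED = {("prod-vault", "deploy-role")}

if __name__ == "__main__":
    refs, errors = parse_vault_refs(SAMPLE_STEP)
    for ref, why in errors:
        print("MALFORMED", ref, "-", why)
    for r in unknown_refs(refs, CONFIGURED):
        print("UNKNOWN", r["store"], r["approle"])
```

The check reads only the reference strings, so it needs neither a connection to Vault nor any secret value.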