You can add Vault LDAP users to the IBM DevOps Deploy (Deploy) secret store to
authenticate users with Vault-defined LDAP.
Before you begin
- Ensure that you have installed the Vault server and obtained the server address.
- You must have the following permissions:
  - Create, view, and edit secret store permissions to create a secret store.
  - Create, view, and edit Vault Ldap User permissions to manage LDAP users of a secret store.
Procedure
- Click Create Vault Secret Store.
- Create a secret store in the Manage Vault Secret Store window and provide the following details:
  | Parameter | Description |
  | --- | --- |
  | Name | Identifies the Vault secret store name. Note: Characters other than a-z, A-Z, 0-9, and - are not allowed. |
  | Description | Conveys more information about the Vault. |
  | Teams | Allows access to the Vault secret store to specific teams. |
  | URL | Indicates the Vault server address. |
- Save your changes.
  The secret store is listed on the Secret Stores page.
- Add LDAP users to the secret store.
  - Click the secret store to which you want to add the LDAP users.
  - Click Ldap Users.
  - Click Create Vault Ldap User.
    The Manage Vault Ldap User window is displayed.
  - In the Manage Vault Ldap User window, enter the following LDAP user details:
    | Parameter | Description |
    | --- | --- |
    | Name | Identifies the Vault LDAP user name. |
    | Password | Specifies the password of the LDAP user. |
    | Teams | Allows access of the LDAP user to specific teams. |
    Note: The LDAP user name field does not allow characters other than a-z, A-Z, 0-9, and -.
  - Save your changes.
    The LDAP user is added to the Vault LDAP page.
Results
You have added LDAP users to the Deploy secret store.
What to do next
You can test the integration. See Testing Vault LDAP integration.