SNMP V3 security user configuration

An administrator can create a secret prior to installing the chart. The chart can then be configured to use this existing secret by specifying the secret name in probe.snmpv3.secretName parameter.

For details about creating a secret, see Creating a secret with SNMP v3 users data.

To create a new secret automatically during chart installation, leave the probe.snmpv3.secretName parameter unset and follow the details below to set the probe.snmpv3.users parameter to specify a list of SNMP V3 users.

The SNMP V3 User object consists of the following parameters.

Table 1. Configurable parameters
Parameter name	Description
name	The security user name. Example: `netcoolTrap`
authEncryptionMethod	The authentication type (`MD5`, `SHA`, or `SHA256`). When running in FIPS 140-2 mode, use `SHA` for this parameter. Example: `MD5`
authEncryptionPassword	The authentication password. This must be at least eight characters in length. Example: `tr4psMD5`
privacyEncryptionMethod	The type of privacy (either `DES` or `AES`). When running the probe in FIPS 140-2 mode, use `AES` for this parameter. This parameter is optional. Example: `DES`
privacyEncryptionPassword	The privacy password. This parameter is optional. Example: `tr4psDES`
authEngineIdentifier	The engine ID of the trap source associated with the user. The engine ID is required for traps, but optional for informs. Example: `0x0102030405`

The example settings above are shown below. They should be set in the probe.snmpv3.users parameter and the probe.snmpv3.secretName should be unset to enable them.

- name: netcoolTrap
              authEncryptionMethod: MD5
              authEncryptionPassword: tr4psMD5
              privacyEncryptionMethod: DES
              privacyEncryptionPassword: tr4psDES
              authEngineIdentifier: '0x0102030405'

You can add more user entries to add more security users. The following example shows two security users netcoolTrap and netcoolInforms.

Note: Use the values.yaml file to specify the list of users especially when you intend to add multiple security users.

probe:
  snmpv3:
    enabled: true
    users:
      - name: netcoolTrap
        authEncryptionMethod: "MD5"
        authEncryptionPassword: "tr4psMD5"
        privacyEncryptionMethod: "DES"
        privacyEncryptionPassword: "tr4psDES"
        authEngineIdentifier: "0x0102030405"
      - name: netcoolInform
        authEncryptionMethod: "MD5"
        authEncryptionPassword: "1nformsMD5"
        privacyEncryptionMethod: "DES"
        privacyEncryptionPassword: "1nformsDES"