Versions Compared

Old Version 4

changes.mady.by.user Chandresh Patel

Saved on

compared with

New Version 5

changes.mady.by.user Chandresh Patel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Out of box integration with HashiCorp Vault and CyberArk AAM (certificate authentication and agent based)
  • Local credential store (useful for customers that do not have external credential store)
  • Ability to integrate with other credential stores
  • Credentials can be managed from central location or from individual place where credential is utilized.

Terminology

FlexDeploy TermDescription
Credential Store Provider

Provider encapsulates logic required to retrieve credential from specific type of store. There are few providers available out of box, but you can define custom implementations using either Java class or Groovy script. Provider will define properties necessary to connect to credential store as well inputs necessary for each credential.

Credential Store

Credential store represents instance of specific type of credential store provider. You can have many such credential stores in FlexDeploy. For example, you can have store for Production credentials and another for Non Production credentials.

Local credential store is available out of box.

CredentialRepresent each individual credential, which inputs necessary to retrieve it from credential store. For local credential store, you will just provide secret text, but for HashiCorp Vault you will provide path and key name to retrieve that credential from external credential store.
Credential NameName to uniquely identify each credential. This must be unique across all credential stores. For example, if you are using same password for OS user oracle in Development environment then you can use DEV OS Oracle as name for credential.
Credential ScopeScope for credential. This serves as filtering mechanism. Various scopes are Endpoint, Project, Instance, Environment Instance. This means that endpoint password credential can not be used for Git instance password.


Tip
titleGetting Started

If you want to integrate with HashiCorp Vault or CyberArk AAM, you must first create Credential Store definition in FlexDeploy, then you can create individual credentials as necessary.

If you want to integrate with other credential stores, then you need to first create new Credential Store Provider, then create Credential Store definition, then you can create individual credentials as necessary.

If you want to just use Local credential store, then you can just create credentials as necessary for Local credential store.

...