Creating a Secret
We recommend that you set secret parameters at the box level. Once set, you can ensure that those settings automatically apply to all of the secrets that you add to that box.
-
From the Cryptographic Security Platform Vault for Secrets webGUI, select Manage > Manage Boxes.
-
On the Manage Boxes page, select the box where you want to create a secret.
-
On the Box page, in the Secrets region, click Add.
-
In the Choose a type of secret to create dialog box, select the secret type and complete the information. The following secrets can be created:
Option Type
Description ESXi Host
Managed
Specify the secret for an ESXi host. This is a managed secret and you can set a rotation policy, instructing the Cryptographic Security Platform Vault for Secrets to rotate the secret periodically based on duration or on check in.
For more information, see Creating an ESXi Host Secret.
File
Static
Upload a file containing a secret such as a key or certificate.
For more information, see Creating a File Secret.
Key-Value Pair
Static
Create a secret containing one or more key-value pairs.
For more information, see Creating a Key-Value Pair Secret.
Password
Static
Generate and store a password. You can specify your own password or use the provided password generator.
Note: You can use the Cryptographic Security Platform Vault for Secrets password generator to generate a random password. The minimum length is 9 characters, and the maximum length is 64. Each password will contain at least 2 lowercase letters, 2 uppercase letters, 2 numbers, and 2 special characters.
For more information, see Creating a Password Secret.
Text
Static
Plain text-based secret.
For more information, see Creating a Text Secret.
SSH Key
Managed
Upload and manage a SSH key. For more information, see About SSH Secrets . This is a managed secret and you can set a rotation policy, instructing the Cryptographic Security Platform Vault for Secrets to rotate the secret periodically based on duration or on check in.
Note: The following algorithms are supported for SSH secrets:
-
ecdsa-sha2-nistp256
-
ecdsa-sha2-nistp384
-
ecdsa-sha2-nistp521
-
rsa-sha2-256
-
rsa-sha2-512
-
rsa-2048
-
rsa-4096
For more information, see Creating an SSH Secret.
P12
Static
Allows you to manage Public-Key Cryptography Standards (PKCS) files containing a collection of private key and certificate pairs.
For more information, see Creating a P12 Secret.
Terraform
Managed
Allows you to manage User, Team, and Organization API tokens. This is a managed secret and you can set a rotation policy, instructing the Cryptographic Security Platform Vault for Secrets to rotate the secret periodically based on duration or on check in.
For more information, see Creating a Terraform Secret.
Postgres
Managed
Allows you to manage Postgres and EnterpriseDB Postgres secrets with a password or certificate.
This is a managed secret and you can set a rotation policy, instructing the Cryptographic Security Platform Vault for Secrets to rotate the secret periodically based on duration or on check in.
For more information, see Creating a Postgres or EnterpriseDB Postgres Secret.
Microsoft SQL Server
Managed
Allows you to manage Microsoft SQL Server credentials.
This is a managed secret and you can set a rotation policy, instructing the Cryptographic Security Platform Vault for Secrets to rotate the secret periodically based on duration or on check in.
For more information, see Creating a Microsoft SQL Server Secret.
AWS Credentials
Managed
Allows you to manage AWS user credentials.
This is a managed secret and you can set a rotation policy, instructing the Cryptographic Security Platform Vault for Secrets to rotate the secret periodically based on duration or on check in.
For more information, see Creating an AWS User Credentials Secret.
-