Secrets Management

This page is no longer maintained (Apr 12, 2023). For the most current information, go to https://docs.snaplogic.com/cicd/secrets-mgmt/secrets-mgmt-about.html.

Overview

Secrets Management enables organizations to use a third-party secrets manager to store endpoint credentials. Instead of entering credentials directly in SnapLogic accounts and relying on SnapLogic to encrypt them, the accounts contain only the information necessary to retrieve the secrets. During validation and execution, pipelines obtain the credentials directly from the secrets manager. With Secrets Management, the configured secrets are never stored by the SnapLogic control plane or by Snaplex nodes.

Currently, we support:

Secrets Management is a subscription feature.

Limitations

The following limitations apply:

  • Secrets Management is available only for Groundplexes.

  • Secrets Management works only for account credentials, not for SnapLogic authentication or node server keys.

  • Only dynamic account types support Secrets Management.

Workflow

The high-level process required to use Secrets Management includes the following steps:

  • To obtain a subscription for Secrets Management, you must contact your SnapLogic CSM.

  • An administrator of the secrets manager configures the storage for endpoint credentials, creates authentication roles and access permissions, and generates secrets.

  • The administrator of Snaplex nodes configures them with the token and the information required to communicate with the secrets manager.

  • In SnapLogic, a Pipeline designer or Org admin configures the dynamic accounts to authenticate with the secrets manager.