Delinea Secret Store Integration
In Avantra, Administrators can define a Delinea Secret Store so users are able to link required credentials in Managed Objects to passwords stored in the Delinea Secret Store.
Adding a Secret Store
To add a Delinea Secret Store to Avantra:
-
In Avantra, click Configuration > Integrations.
-
Click the Secret Store tab.
-
Click New, then Delinea.
-
In the Create new Delinea Secret Store, define:
-
A Secret Store Name.
-
(Optional) a Description.
-
A URI Host and Port, in the URI field, that points to the Secret Store.
-
A User that has access to the secret store.
-
A Password that is used to access the secret store.
-
(Optional) a Proxy, which is used to connect to the secret store.
-
-
Click New, and the Delinea Secret Store is created.
Editing or deleting a Secret Store
You can modify a secret store by double-clicking on the entry row, making changes. Click OK to save the changes, or Cancel to discard the changes.
You can delete a secret store by single-clicking on the secret store to delete, then clicking Delete and Yes to delete the secret store. If you no longer want to delete the store, click No.
Assigning Customers to a Secret Store
You are able to assign customers to a Secret Store, which will allow for the stored credentials to be used for that customer’s system. To assign customer:
-
Select the secret store you want to assign customers to.
-
Click Assign Customers.
-
In the Assign Customers dialog, you can select customers from the left-hand list and add them to the right-hand list. The right-hand list is the list of customers that all be assigned to the Secret Store.
-
To add one customer, use the
>
symbol. To remove a single customer, use the<
symbol. -
To add/remove multiple customers, you can use
Click + Shift
to select from the list, then use the>
(to add) or<
(to remove) symbol. If the customers are next to each other in the list, you canClick + drag
to select. -
To add all customers, use the
>>
symbol. To remove all customers, use the<<
symbol.
-
-
Click OK to complete the assignment.
Syncing Secrets
Syncing Secrets is important to do to ensure that the credentials are synchonized and up-to-date.
To sync Secrets/credentials:
-
Select the secret store you want to sync credentials to.
-
Click Sync Secrets.
-
In the Synchronize secrets dialog, select the systems you want to sync the credentials. You can choose from:
-
All systems.
-
A Pre-Defined System Selector. Selecting this option displays a drop-down list to select a selector.
-
A specific 'Ad-Hoc' Custom Selection. Selecting this option displays a drop-down list to select from, as well as a checkbox for using the 'All' search criteria.
-
-
The Show Systems button will list all of the systems connected to the secret store.
-
Once a selection has been made, click Start Sync Secrets to perform the sync.
Avantra will display a dialog detailing how many credentials have synchronized from the number of linked systems.
Testing a Secret Store
You are able to perform a test connection to a Delinea Secret Store by:
-
Selecting a secret store.
-
Click Test.
Avantra will return a dialog detailing whether the connection to the Secret Store was successful or not. If the connection was unsuccessful, Avantra details why. For example, if the Secret Store URL and/or credentials need verifying due to the Secret Store not being valid.
Syncing credentials from a Secret Store to a Managed System
Once the setup of the Delinea Secret Store is completed, you can update credentials for a managed object by:
-
Opening the required managed system.
-
Click the Credentials tab.
-
Using the Secret Store drop-down, you can select the secret store to use.
-
Click Apply to update any existing credentials.
Existing fields will be read-only if the credentials have been retrieved.
For any credentials not updated/retrieved, you can input a Secret ID for that credential by making it editable. This is done by: . Clicking the left checkbox for the credential entry. . In the Configure secret ID dialog, you input the unique secret ID that is defined in the secret store. . Click Sync to apply the changes.
Secret IDs must be retrieved from Delinea. This means an Administrator has to go into Delinea to find the correct secret ID. |
The Sync All button can be used to ensure that the credentials are up to date.