Contents x
    DSM Automation usage
    • 1 minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    DSM Automation usage

    • 1 minute to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Inject and rotate secrets

    Create automation by following the steps described in the session Register an Automation, and on the Action tab, select the template that corresponds to the solution you want to integrate.

    Azure Key Vault

    In the Action tab, select the Azure Key Vault - Inject Secret template to inject and rotate the secrets. After the execution, access the Azure Portal, search for Key Vault's services and select the vault where the secret will be injected. In configurations, click on Secrets and then click on the item created by senhasegura to see the details, as in the following example:


    Azure Key Vault generated key

     

    AWS Secret Manager

    In the Action tab, select the AWS Secret Manager - Inject Secret template to inject and rotate the secrets. After the execution, access the AWS Management Console and search for the services of Secret Management. In the secret list, click on secrets and then click on the item created by senhasegura to see the details, as in the following example:


    AWS Secret Manager details

     

    Google Secret Manager

    In the Action tab, select the Google Secret Manager - Inject Secret template to inject and rotate secrets. After the execution, access the Google Cloud Console and select the project in the upper selection tab. Then, in the side menu, access Security ➔ Secret Management. In this secrets list, click on the item created by senhasegura to see the details, as in the following example:

     

    Google Secret details

    Kubernetes

    In the Action tab, select the Kubernetes - Inject Secret template to inject and rotate the secrets. After the execution, access the Kubernetes Cluster where the secret was created and view the secret with the kubectl describe secrets/[secret_name] command, as in the following example:


    Kubernetes Secret details

     

     

    Automatically provision API from Applications POST method

    POST /iso/dapp/application

    Add cloud_profiles parameter:

    • Name: cloud_profiles
    • Type: string[] (Array of strings)
    • Required: no
    Behavior

    Application-related dynamic cloud provisioning profiles are defined.
    The value filled in will overwrite the current value of the application.
    When the value is omitted, no changes are made.
    If an empty array is filled, all application profiles will be removed.

    Example:
    cloud_profiles: ["aws_profile", "gcp_profile"]

    Add credential_profiles parameter:

    • Name: credential_profiles
    • Type: {device: string, profile: string}[] (Array of objects with a device and profile keys)
    • Required: no
    Behavior

    Application-related dynamic cloud provisioning profiles are defined.
    The value filled in will overwrite the current value of the application.
    When the value is omitted, no changes are made.
    If an empty array is filled, all application profiles will be removed.

    Example:
    credential_profiles:

            {device: "192.168.0.1", profile: "cassandra_profile"},

        {device: "192.168.0.2", profile: "redis_profile"},


    Was this article helpful?
    What's Next
    Digital sovereignty is a fundamental right for citizens, institutions, and society. That’s why we work every day.
    Connect With Us
    SENHASEGURA
    LEARN
    EXPLORE
    Copyright © senhasegura. All Rights Reserved