Uploaded image for project: 'Ansible Automation Platform RFEs'
  1. Ansible Automation Platform RFEs
  2. AAPRFE-2483

Syncing within Hashicorp vault and AAP using KV pairs tagging.

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • 2.5
    • aap-ui
    • False
    • Hide

      None

      Show
      None
    • False

      Issue:-

      The syncing could be done on tag KV pairs within Hashicorp vault and AAP

      So it would allow multiple tags to be placed on the Hashicorp vaultĀ  Credential and then have AAP sync that credential in. The Tags would then define who/what can access that secret

      e.g.

      env:dev, its:abcdef, project:unix_shared_org

      So you could have a Project in Prod that pulls in a specific secret and a separate Project in Prod that pulls in a different secret in the same ITSI.

      It would be great to see some tight integration with Hashi Vault, which enables linking an organization/team or similar to a safe in Vault and essentially being given access to all the secrets in automation without needing to create a credential or look up a credential for each item.

      I'm not entirely sure how this would work, but some solution that essentially allows exposing all these secrets to automation with ease would be a really nice integration.

              rht-tima Tim Appnel
              rhn-support-sussen Susmita Sen
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: