Credentials
Credentials¶
It allows the management of global credentials or organizations over which the user has permissions. There are 2 types of permissions for organization credentials:
CREDENTIAL_READ_PERMISSION:credential:read: Allows the use, listing and viewing (without the values) of credentialsCREDENTIAL_WRITE_PERMISSION:credential:write: Allows complete management of credentials
Internally, SSMCM stores credentials in an encrypted and secure system.
Credentials, depending on the type, must be formatted as the following value:
- Credentials for integration with Ansible:
{
"token": "xxx"
}
- AWS account credentials:
{
"key": "xxxx",
"secret": "xxxx"
}
- Azure client credentials:
{
"client_secret": "xxx"
}
- Google Cloud customer credentials:
{
"type": "xxx",
"project_id": "xxx",
"private_key_id": "xxx",
"private_key": "xxx",
"client_email": "xxx",
"client_id": "xxx",
"auth_uri": "xxx",
"token_uri": "xxx",
"auth_provider_x509_cert_url": "xxx",
"client_x509_cert_url": "xxx"
}
- Oracle Cloud customer credentials:
{
"tenancy": "xxx",
"user": "xxx",
"key_content": "xxx",
"fingerprint": "xxx"
}
- Credentials of monitoring managers type New Relic:
{
"type": "apikey",
"nr_account_id": "xxx",
"nr_account_name": "xxx",
"api_key": "xxx",
"insights_api_key": "xxx"
}
- Jira ticketing manager credentials:
{
"type": "userpass",
"username": "xxx",
"password": "xxx"
}
- ServiceNow ticketing manager credentials
{
"username": "xxx",
"password": "xxx"
}
- ServiceNow ticketing manager credentials:
{
"client_id": "xxx",
"secret_id": "xxx"
}
- Ansible Tower Manager Credentials:
{
"token": "xxx"
}
All the values of the credentials, may contain in turn a field description, that will be displayed in the list of credentials, indicating a description of that credential.
Users or members of groups with a capability (CAPABILITY) global_credential_management They will also be able to manage global credentials, that is, those that are not associated with any organization, but are used for global objects or configurations.