Nav

About Secret Groups

A secret group is a unique secrets vault to which all your secrets are bound. Each secret group has individual access and authorization controls.

Secrets Manager stores your secrets per secret group, per environment, and per business group. So, only applications deployed to those specific business groups and environments within your organization can access the secrets stored in each secret group.

To ensure that all clients use a consistent set of secrets and that all users edit the same set of secrets at a given time, Secrets Manager provides both high availability and consistency of stored data, as well as concurrent use functionality for secret renewals.

Availability and Consistency

By implementing Edit Sessions every time a user needs to edit secrets inside a secret group, Secrets Manager guarantees service of a consistent set of secrets.

Consider the scenario where you need to renew secrets inside a secret group: You need to click the Edit button in the Anypoint Platform UI. This opens an edit session during which the secret group locks out other users, and you can edit all the necessary security objects inside the secret group. While the edit session is open, Secrets Manager serves the same secrets it had before you opened the edit session. This guarantees that any redeployed application would still see the same, consistent secret group even though you are modifying it.

asm secret group concept cd233

After you complete your changes, you must click the Finish button in the Anypoint Platform UI. This action updates the secret group with all the renewed secrets that Secrets Manager would serve to all redeployed applications after that point.

asm secret group concept 8fc8a

Concurrency

When another user is editing a secret group, the Anypoint Platform UI provides a Cancel Edit button next to the secret group, along with the name of the user who is editing the group.

asm secret group concept 4876b

If the editing user forgets about an open edit session and is not available, you can click the Cancel Edit button to clear the that user’s session. Note that this action deletes all that user’s changes, but it allows you to click the now available Edit button to open a new edit session.

In this topic:

We use cookies to make interactions with our websites and services easy and meaningful, to better understand how they are used and to tailor advertising. You can read more and make your cookie choices here. By continuing to use this site you are giving us your consent to do this.

+