3.7 Secret management

In Ops I, users can safely manage credential information (for example, IDs and passwords required for accessing existing systems, public clouds, tools, and other operation targets) as secrets. By doing so, the operation agent will no longer need to manage multiple instances of credential information by using a ledger or anything else, thus reducing the risk of information leaks that might be caused as a result of loss or theft. Registered secrets are encrypted with AES-GCM using a 256-bit AES key and a 96-bit nonce and then saved.

Functions other than secret registration and secret changes for workflow execution are not supported by this application. Please do not attempt to use them.
In addition, access the Vault from the secret application to execute this application. When logging into the Vault, select the Method “OIDC”, leave Role blank, and click “Sign in with OIDC Provider”.

Section structure

3.7.1 Register a secret
3.7.2 Change a secret
3.7.3 Register user credential information