Secret Management

This article covers the basic ideas and concepts for secret management in Assette Data Blocks and assumes that the user understands the basic concepts of Assette Data Blocks.

Managing secrets such as usernames, passwords, and application software certificates is vital to application security. To avoid using these in plain text format within a Data Block, Assette manages all such secrets using Azure Key Vault with can be accessed via the Assette Secret Management screen.

Only an Assette Administrator is allowed to add secrets to Azure Key Vault via the Data Block layer in the Developer Center. Administrators are not able to view or export secrets, ensuring the security of sensitive information. Once the secrets have been set up in Key Vault, Data Block Developers can use them when developing Settings Data Blocks.

Accessing the Secrets Management Section #

An Admin user can navigate to the Secrets Management section by clicking on the Secrets icon at the top right-hand corner of the screen.

Searching for Secrets #

Admin users can search for existing secrets that have been added to Key Vault in the current tenant. The search functionality will display a list of matching secrets in the list view, making it easy to locate and manage existing secrets.

Adding Secrets #

Admin users can add a secret using the Add Secret screen. There are two options for adding secrets:

1. Certificate: Add a certificate file, such as a Snowflake certificate.
2. Secret: Add a username or password as a text entry.

Adding a Text Secret #

To add a text secret:

1. Enter the Secret Key Name: Provide a unique name for the secret.
2. Description: Add a brief description to identify the purpose of the secret.
3. Key Value: Input the secret value (e.g., password).
4. Add the Secret: Click on the Add button to store this information securely in Azure Key Vault.

Adding a Certificate #

To add a certificate:

1. Enter the Secret Key Name: Provide a unique name for the certificate.
2. Description: Add a brief description to identify the certificate’s purpose.
3. Upload the Certificate File: Attach the certificate file from your local machine.
4. Add the Certificate: Click on the Add button to store the certificate securely in Azure Key Vault.

Once the secret key name, description and key value are entered, clicking on the ADD button will store this information in Azure Key Vault.

To add a certificate, enter the secret key name, description and upload the certificate file as an attachment as shown below and click ADD.

Editing Secrets #

To edit a secret:

1. Select the Secret: Click on the pencil icon next to the secret you wish to edit.
2. Modify Details: While the secret name is visible, the secret value will be masked and not visible, even to the Admin user. You can update the description or upload a new secret value.
3. Save Changes: Click on the Save button to update the secret in Azure Key Vault.

Note: For security reasons, secret values are never displayed in plain text.

Deleting Secrets #

To delete a secret:

1. Confirm Deletion: Confirm the action when prompted to permanently remove the secret from Azure Key Vault.
2. Access the Delete Option: Click on the hamburger menu (three dots) next to the secret you want to remove.
3. Delete the Secret: Select Delete from the menu.

Note: Only Admin users have the ability to delete secrets.

#