Customer Vault

• For every customer of opsera we spin up an instance of vault – customer vault

• Unseal of the newly spined vault happens with the help of unseal token generated in platform vault. [Auto Unseal method]

• Once unsealed, we create default folders to store secret and a root token

• The root token is stored in platform vault

• Customers will have provision to pick and choose the desired vault for storing/retrieve a sensitive information

• Customer will have provision to pick and choose the desired path to which a secret should be stored/ retrieved

Registering Vault:

1. Login to https://portal.opsera.io -> Tool Registry -> Click “ + New Tool”

2. Locate Hashicorp Vault as and Select Tool Button

   Open

   

Open

4. Provide values in form then click ‘Create’ button

5. Open the Tool registered

6. Navigate to the Connections tab, enter Vault details and verify that the Connection has succeeded.

Adding Vault to Jenkins:

7. Create/Open the Jenkins tool(Already registered) , navigate to the Vault tab, select the customer vault (registered now) from the dropdown and click Save. 

Note: By default Opsera’s vault will be selected