Secrets Wallet

The Secrets Wallet provided by Usage Engine allows you to securely store and manage your password/credentials. These secrets can then be added into the functions within your streams using the Stream Editor. For these reasons, it is highly recommended that you always use the Secrets Wallet.

This allows your function to connect with external systems and applications to collect or forward data without the need to input any credentials into the function, increasing the risk of exposure. Furthermore, having the credentials stored in the Secrets Wallet makes it easier to apply the same credentials across multiple streams.

An example of a Secrets Wallet being used is by creating an AWS secret and selecting the secret with the Secrets Wallet toggle button in the Configuration screen of an AWS S3 function.

Secrets Wallet Dashboard

You can view your secrets on the Secrets Wallet dashboard page. This page contains details such as Secret Name, Last Modified Date, Secret Type, and the Number of Streams the secret is currently used in. You can filter your secrets by type, or by typing the name of your secret in the Search box.

Secret Details 

Clicking on each secret expands the view to display the Details of the specific secret. This view contains two areas: 

  • Information area: Displays your Credentials and the Description of the secret.

  • Streams area: Displays all the streams using the secret. Clicking on the View button brings you to that particular stream.

Other actions

Click the Edit or Delete buttons to edit or remove the secret credentials from the Secrets Wallet.

Note!

  • You cannot delete any secret that is currently being used by a stream.

  • When updating a secret for a Scheduled stream, the changes will take effect from the next time the stream is run. 

  • When updating a secret for a Real-time stream, you must restart the stream for the changes to take effect.

User Permissions

In addition to the permissions specified for the various user roles available in Usage Engine described in the Admin page, there are some specific actions mentioned for the Secrets Wallet feature that must be highlighted: 

  • Accessing the Overview Page

  • Viewing the Secrets Wallet

  • Creating an entry

  • Editing an entry

  • Deleting an entry

Note!

The Admin and User roles have permissions for all the actions. The Guest role, however, only have the Access the Secret Wallets Dashboard Screen and View the Secrets Wallet permissions. 

Creating a Secret

You can access the Secrets Wallet feature in the left navigation panel.

To add a secret to your Secrets Wallet:

  1. Click on Secrets Wallet in the navigation panel on the Solutions overview page. The Secrets Wallet dashboard screen is displayed where you can see details about existing secrets.

  2. Click on the Create New Secret button. The Create Secret pop-up dialog is displayed. 

  3. Enter a unique Name and optionally, enter a Description for your secret.

Note!

  • The maximum number of characters in the Name of the secret is 30.

  • Only alphanumeric characters, spaces, dashes, underscores, periods, and parentheses are supported.

  • Example: Azure_secret(SAS token)-1

  1. Select secret type from the drop-down list.

  1. Enter the appropriate credentials. The credentials needed depend on the type selected. SSL is enabled for all secret types.

Secret Type

Credentials

Secret Type

Credentials

AWS

  • Access Key ID

  • Secret Access Key

Azure

  • Authentication type: SAS Token

    • Account Name

    • SAS Token

  • Authentication type: Account Key

    • Account Name

    • Account Key

Data Masking

  • Key

Database

  • Username

  • Password

GoTransverse

  • Secret Access Key

Kafka

  • Authentication type: PLAIN/SCRAM

    • SASL Mechanism

      • PLAIN

      • SCRAM-SHA-256

      • SCRAM-SHA-512

    • Username

    • Password

  • Authentication type: OAuth

    • Host

    • Path

    • Client ID

    • Client Secret

SFTP

  • Authentication type: Password

    • Username

    • Password

  • Authentication type: Private Key

    • Username

    • Private Key

    • Passphrase (for encrypted Private Key only)

Google

  • Project ID

  • Client email

  • Private Key

OAuth 2.0

  • Authentication type: Password Credentials

    • Client ID

    • Client Secret

    • Username

    • Password

  • Authentication type: Client Credentials

    • Client ID

    • Client Secret

  • Authentication type: Private key JWT

    • Client ID

    • Public key ID

    • Algorithm

    • Private key

  • Authentication type: Bearer token

    • Bearer token

Salesforce

  • Client ID

  • Client Secret

  • Username

  • Password

SAP Subscription Billing

  • Tenant

  • Region

  • OAuth Client ID

  • OAuth Client Secret

Zuora

  • Authentication type: OAuth 2.0

    • Client ID

    • Client Secert

  • Authentication type: API Key

    • Access Key ID

    • Secret Access Key

 

  1. Click Create to create your Secret. A notification is displayed on the top right-hand side of the screen for confirmation. Your secret is now listed on the Secrets Wallet dashboard page.

Â