๐๏ธ Store Credentials
In the Configuration section of the CI Library, you can define one or more sets of credentials to be used with source artifacts. To define credentials, you must have admin global permissions. You can use the defined credentials to provide a username and password to any HTTP URL that requires authentication.
๐๏ธ Store Shared Host Credentials
Your infrastructures can include multiple remote hosts that share the same credentials. To simplify credential management across these hosts, you can configure a single CI to define shared credentials for any remote host that requires authentication. Then, when you define an overthere host connection, you can select the shared credentials CI. This is applicable to the following host types:
๐๏ธ Manage Secrets Using CyberArk Conjur
Your development organization may choose to integrate with an external secrets management tool to support the secure management of passwords, keys, certificates and other secrets. While you can choose to manage sensitive key/value pairs for environment-specific information using internal encrypted dictionaries, Deploy also supports integration with the CyberArk Conjur secrets management tool to manage and inject secrets into Deploy. The API-based integration with Conjur enables you to define, manage, and use Conjur as an external data source for secret storage. This API will support future integrations with other secrets management tools.
๐๏ธ Manage Secrets Using HashiCorp Vault
Your development organization may choose to integrate with an external secrets management tool to support the secure management of passwords, keys, certificates and other secrets. While you can choose to manage sensitive key/value pairs for environment-specific information using internal encrypted dictionaries, Deploy also supports integration with the HashiCorp Vault secrets management tool to manage and inject secrets into Deploy. The API-based integration with Vault enables you to define, manage, and use Vault as an external data source for secret storage. This API will support future integrations with other secrets management tools.
๐๏ธ Manage Secrets Using the Simple Lookup Value Provider
For secrets and password fields used with certain CI's, you can establish a simple lookup provider that will be used to look up a value based on a lookup provider key that you specify. You can use the simple lookup provider to reference and resolve a key/value pair stored in Deploy (as opposed to an external secrets management tool such as HashiCorp Vault or CyberArk Conjur).
๐๏ธ Store Proxy Servers in Deploy
In the Configuration section of the CI Library, you can define one or more sets of proxy servers to be used with source artifacts. To define a proxy server, you must have admin global permissions. You can use the defined proxy servers to provide a
๐๏ธ Specify File Encoding on the Server
The file.encoding system property defines the file encoding setting on the Deploy server. By default, it is set to UTF-8 to work with the most systems.
๐๏ธ Update the Digital Certificate
To support secure communications, Deploy can generate a self-signed digital certificate. This can cause issues in situations where Deploy needs to be accessed using a URL other than https4516, because the Common Name in the certificate is localhost.
๐๏ธ Secure Sensitive Data With Passwords and Encrypted Dictionary Entries
This topic describes how password properties and encrypted dictionary entries combine to secure sensitive data in Deploy.
๐๏ธ Store Encrypted Passwords in Deploy
Digital.ai Deploy provides a mechanism to automatically encrypt passwords and allow you to refer to them, so you do not need to store third-party passwords in plain text in configuration files. To declare a new third-party password:
๐๏ธ Manage System Passwords
This topic describes how to change the encryption key password and the admin user's password in Deploy.
๐๏ธ HTTP CSRF Protection
Cross site request forgery or CSRF) is a class of attack that forces an end user to execute unwanted actions on an application when the user is authenticated. The Digital.ai Deploy frontend uses endpoints protected with CSRF .
๐๏ธ Pendo Analytics and Guidance
Pendo.io is a Product Analytics platform used in Deploy to enrich the product experience and provide insights to the product management team.
๐๏ธ Security FAQs
What are the implications of deprecating TLS protocol versions 1.0 and 1.1?