About Edge Vaults

Important  This feature is available only in the latest UI.

The Edge Vault feature allows you to integrate your Edge site with your existing vault provider and implement your organization’s credential management policies for any data source to which Edge connects.

A vault provider is a third-party secret management service, which should already be implemented by your organization. Your vault provider will store your data source information behind different types of Vault Keys, such as queries or names. Each vault may have requirements or restrictions surrounding what and how this information is stored. We recommend you review your vault provider's documentation for any of these requirements.

Once your integrate your Edge site with your vault provider, you can create Edge connections which call to your vault to retrieve the data source information. You must enter the vault specific Vault Key for each data source property you need or want to pull into your connection. For example, if you want to pull a data source password into your Edge connection, and in your vault this data source password is stored by the secret name my-secret, then you would enter my-secret as the Vault Key for the password field.

Important If your data source connection requires a file to establish a secure connection, then the sensitive contents of the file must be encoded into Base64 and stored as a secret in your vault.

Edge supports the following vault integrations:

• CyberArk Vault
  • Supported version:
    • CyberArk Credential Provider: 8.0.0
• HashiCorp Vault
  •  Supported version:
    • HashiCorp Vault 1.15.x
  • Support secret engines:
    • Key Value V2 Secret Engine
    • Database Secret Engine
• Azure Key Vault
• AWS Secrets Manager
• Google Secret Manager

What's next?

• Integrate your Edge site to your vault provider.
• Learn how to set up an Edge connection with your vault.