Question
Integrating Hashicorp with Pega
Has anyone implemented Integration with Hashicorp to store password for Pega Data/Rule schema? Currently we are using jboss vault to store and encrypt password for rule/data schema which is passed to Pega during startup using standalone.xml file.
I am able to find only one link for Hashicorp-Pega, but that doesnt seem to address this exact use case.
Configuring a HashiCorp Vault keystore | Pega
Bits In Glass
IN
Yes, it is possible to use Hashicorp Vault as a secrets management solution for Pega Data/Rule schema passwords.
Here are the general steps that you can follow to implement the integration:
-
Install and configure Hashicorp Vault.
-
Set up a Vault policy that allows Pega to access the secrets.
-
Create a new secret engine in Hashicorp Vault that will store the Pega Data/Rule schema password.
-
Use the Vault REST API to retrieve the password from Vault during Pega startup.
-
Pass the retrieved password to Pega during startup by updating the standalone.xml file.
-
Configure Pega to use the retrieved password to access the Pega Data/Rule schema.
Note that the details of how to perform each step will depend on your specific setup and requirements. It's also important to ensure that the integration is secure and that appropriate access controls are in place to protect sensitive information.
You may find the Pega Community article "Securely manage your Pega Platform secrets with HashiCorp Vault" helpful as it provides a step-by-step guide on how to integrate Pega with Hashicorp Vault.