Storing proxy credentials in GCP Secret Manager - BlueCat Cloud Resolver - 1.7.2

BlueCat Cloud Resolver Administration Guide

Locale
English
Product name
BlueCat Cloud Resolver
Version
1.7.2
When configuring Cloud Resolver to retrieve the proxy credentials from GCP Secret Manager, you must configure the following configuration parameters:
  • CRS_VAULT_TYPE
  • CRS_VAULT_PROXY_USER_PATH
  • CRS_VAULT_PROXY_PASS_PATH

The CRS_VAULT_TYPE parameter must be set to csp to indicate that the vault service is provided by a cloud service provider.

To store your proxy credentials in GCP Secret Manager, create new GCP Secret Manager secrets where the name/value pairs correspond to the username and password of the proxy. For more information on creating secrets, refer to https://cloud.google.com/secret-manager/docs/create-secret-quickstart.

Once you have created the GCP Secret Manager secrets, click the name of the newly created secret that contains the proxy credentials. Use the value under the name of the proxy username secret and proxy password secret as the CRS_VAULT_PROXY_USER_PATH and CRS_VAULT_PROXY_PASS_PATH parameter values within the Cloud Resolver configuration file.

The following is an example cloud-resolver.conf file with the configuration parameters to retrieve proxy credentials stored in AWS Secrets Manager:
CRS_VAULT_TYPE="csp"
CRS_VAULT_PROXY_USER_PATH="projects/123456789012/secrets/proxy_username"
CRS_VAULT_PROXY_PASS_PATH="projects/123456789012/secrets/proxy_password"