Skip to content
← Product Feedback

What problem could Octopus Deploy solve for you?

Product Feedback: Integration

Categories

(thinking…)

Store sensitive variable values in Azure Key Vault

So sensitive project variables will be referenced from Azure Key Vault instead of being stored in octopus.

https://azure.microsoft.com/en-us/services/key-vault

3357461 - 'Azure Resource Manager Key Vault support' was only about ARM template Key Vault support.
17973586 - 'Integrate Octopus deploy with secrets managment system Vault' is similar to this issue only for https://www.vaultproject.io

This idea is similar to
https://docs.microsoft.com/en-us/vsts/build-release/concepts/library/variable-groups?view=vsts#link-secrets-from-an-azure-key-vault-as-variables

148 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Arjan van Rijn shared this idea  ·   ·  Report…  ·  Admin →

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Pedro Luz commented  ·   ·  Report

    This is high priority given the community scripts for KeyVault are very faulty :(

  • Matt B commented  ·   ·  Report

    +1 for AWS SecretsManager

  • Al commented  ·   ·  Report

    The ability to keep secrets in a secure cloud location, integrated in Octopus, and be able to write them during deployment (say your terraform step created a database and you need to save the connection string) as well as read them/apply them to apps would be great.

  • Keith D commented  ·   ·  Report

    Would be great to see some integration with external secrets management, we're about to start using Thycotic

  • Rob commented  ·   ·  Report

    +1 for Azure Key Vault integration

  • Raf commented  ·   ·  Report

    would be great to see azure key vault integration

  • Greg Lloyd commented  ·   ·  Report

    This would greatly beneficial for our deployments as it provides a secure way access and version related secrets and configurations.

  • Andris commented  ·   ·  Report

    +1 for Azure Key Vault integration

  • Darren Aitcheson commented  ·   ·  Report

    Second this - integration with Vault (also the Hashicorp Enterprise version) and also CyberArk would be very useful.

  • Eric Loveland commented  ·   ·  Report

    This was also suggested here: https://github.com/OctopusDeploy/Issues/issues/3093#issuecomment-275559590

    I would like to see this implemented as an extensibility point however. Other secrets management systems such as Thycotic Secret Server, ManageEngine Password Manager, Square KeyWhiz and any variety of on-prem and cloud HSMszure are in use throughout our industry.

    Initially I thought that this could be implemented via an Octostache extensibility point (a plugin that helps it fetch sensitive vars) but I realized this would not be compatible with offline deployments.

  • Andry commented  ·   ·  Report

    Integrate Octopus Deploy with HashiCorp Vault secrets management system