Sample custom storage processes
This topic describes the sample processes used to retrieve secrets from, and save secrets to, external storage such as Amazon Web Services (AWS) Secrets Manager and Azure Key Vault.
These sample processes can be used as a reference for creating similar templates for other custom vaults and storage. All processes must be synchronous, and all the necessary custom inputs needed to connect to the storage must be read from the Configuration file settings.
A sample process for retrieving the security key from Azure Key Vault
This sample process (Retrieve Security Key (Azure)) describes how to get a security key from Azure Key Vault.
The map must be synchronous. It must include an output String variable called Security_Key with the ID SECURITY_KEY.
The map includes the following activities:
Activity 1: Get Azure Credentials From Config: This activity gets all the necessary Azure credentials to connect to the storage from the predefined settings.
This sample process uses a C# activity to read the configuration files. Alternatively, you can create a custom DLL and call it through a .NET node.
If you use a custom .NET library, make sure to add the library to the TotalAgility .NET references. See Add a .NET reference.
Activity 2: Get Security Key using Azure SDK: This activity uses the Azure SDK to get the security key. Configure the activity and map the parameters to return the key value to the Security_Key variable.
A sample process for saving the security key in Azure
This sample process (Save Security Key (Azure)) describes how to save the newly generated custom security key in Azure Key Vault.
The map must be synchronous. It must include an initialization String variable called Security_Key with the ID SECURITY_KEY.
The map includes the following activities:
Activity 1: Get Azure Credentials From Config: This activity gets all the necessary credentials to connect to Key Vault from the configuration settings.
This sample process uses a C# activity to read the configuration files. Alternatively, you can create a custom DLL and call it through a .NET node.
Activity 2: Save Security Key using Azure SDK: This activity uses the Azure SDK to save the security key to storage. Configure the activity and map the parameters to pass on the key value using the Security_Key variable.
If you use a custom .NET library, make sure to add the library to the TotalAgility .NET references. See Add a .NET reference.
Instead of using a custom .NET DLL, you can use REST calls (with the PUT verb) to save the generated security key to Azure Key Vault, passing it in the SECURITY_KEY input variable.
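The retrieve and save processes above, sketched as a custom .NET library that a .NET node could call. This is an added example, not code from the product or its sample processes; the class name, the setting names, reading settings through ConfigurationManager.AppSettings, and the service-principal credential are all assumptions.

```csharp
using System;
using System.Configuration;              // ConfigurationManager (assumed settings source)
using Azure.Identity;                    // NuGet: Azure.Identity
using Azure.Security.KeyVault.Secrets;   // NuGet: Azure.Security.KeyVault.Secrets

public static class AzureSecurityKeyStore
{
    // Hypothetical setting names; use the ones your configuration file defines.
    private static string Setting(string name)
    {
        string value = ConfigurationManager.AppSettings[name];
        if (string.IsNullOrWhiteSpace(value))
            throw new ConfigurationErrorsException("Missing setting: " + name);
        return value;
    }

    private static SecretClient CreateClient()
    {
        // Assumption: a service principal (tenant ID, client ID, client secret).
        var credential = new ClientSecretCredential(
            Setting("AzureTenantId"), Setting("AzureClientId"), Setting("AzureClientSecret"));
        return new SecretClient(new Uri(Setting("AzureKeyVaultUri")), credential);
    }

    // Map the return value to the Security_Key (SECURITY_KEY) output variable.
    public static string GetSecurityKey()
    {
        // Blocking call, so the process stays synchronous.
        KeyVaultSecret secret = CreateClient().GetSecret(Setting("AzureSecretName")).Value;
        return secret.Value;
    }

    // Pass the Security_Key (SECURITY_KEY) variable as securityKey.
    public static void SaveSecurityKey(string securityKey)
    {
        if (string.IsNullOrEmpty(securityKey))
            throw new ArgumentException("Security key is empty.", nameof(securityKey));
        // SetSecret creates the secret or adds a new version; older versions remain.
        CreateClient().SetSecret(Setting("AzureSecretName"), securityKey);
    }
}
```

Neither method writes the key value to a log or an exception message; keep it that way in any activity that wraps them.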
A sample process for retrieving a single value from AWS Secrets Manager
This sample process (Retrieve Single Value (AWS)) describes how to get a single value from AWS Secrets Manager.
The map must be synchronous. It must include an initialization String variable with the ID SECRET1 and an output variable with the ID VALUE1.
The map includes the following activities:
Activity 1: Get AWS Credentials: This activity gets all the necessary credentials required to connect to AWS Secrets Manager.
This sample process uses a C# activity to read the configuration files. Alternatively, you can create a custom DLL and call it through a .NET node.
Activity 2: Get Value 1 using AWS SDK: This activity uses the AWS SDK to get the secret value which is saved to the VALUE1 process variable.
Activity 3: Extract Value 1 from Data Model: This activity (in this sample, an extraction activity) extracts the secret value from the JSON into VALUE1 using a data model. The configuration includes:
- Create a data model (SingleValue) with text field name.
  The returned key name from the JSON must match the dataobject field name; for example, if the key name in AWS storage is ‘Value1’, then the dataobject field name should be ‘Value1’.
- Use this data model to create the SingleValue process variable.
- Configure this activity using the VALUE1 process variable as the target variable.
- AWS Secrets Manager by default returns a JSON.
- Instead of a data model, you can use a custom .NET DLL to extract the values.
A sample process for retrieving two values in AWS Secrets Manager
This sample process (Retrieve Two Values (AWS)) describes how to get two values from AWS Secrets Manager.
The map must be synchronous. It must include two initialization String variables with the IDs SECRET1 and SECRET2 and two output variables with the IDs VALUE1 and VALUE2.
The map includes the following activities:
Activity 1: Get AWS Credentials: This activity gets all the necessary credentials from AWS Secrets Manager.
This sample process uses a C# activity to read the configuration files. Alternatively, you can create a custom DLL and call it through a .NET node.
Activity 2: Get Value1 using AWS SDK: This activity uses the AWS SDK to get the secret value into the VALUE1 process variable.
Activity 3: Get Value2 using AWS SDK: This activity uses the AWS SDK to get the secret value into the VALUE2 process variable.
Activity 4: Extract Value 1 from Data Model: This activity (in this sample, an extraction activity) extracts the value of VALUE1 from the data model used.
Activity 5: Extract Value 2 from Data Model: This activity (in this sample, an extraction activity) extracts the value of VALUE2 from the data model used.
Instead of a data model, you can use a custom .NET DLL to extract the values.
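The custom .NET DLL alternative to the data model, for both the single-value and the two-value processes, could look like the following. This is an added example, not the product's code; the class and method names and the sample payload are constructed, and it assumes the System.Text.Json package is referenced.

```csharp
using System;
using System.Collections.Generic;
using System.Text.Json;   // assumption: System.Text.Json is referenced

public static class SecretJsonExtractor
{
    // Returns the string stored under fieldName in the JSON that
    // AWS Secrets Manager returned. The lookup is case-sensitive,
    // mirroring the rule that key name and field name must match.
    public static string Extract(string secretJson, string fieldName)
    {
        if (string.IsNullOrWhiteSpace(secretJson))
            throw new ArgumentException("Secret payload is empty.", nameof(secretJson));

        using (JsonDocument doc = JsonDocument.Parse(secretJson))
        {
            JsonElement root = doc.RootElement;
            if (root.ValueKind != JsonValueKind.Object)
                throw new FormatException("Secret payload is not a JSON object.");

            // Error messages name the key only, never the payload.
            if (!root.TryGetProperty(fieldName, out JsonElement field))
                throw new KeyNotFoundException("Key not found in secret: " + fieldName);
            if (field.ValueKind != JsonValueKind.String)
                throw new FormatException("Key is not a string: " + fieldName);

            return field.GetString();
        }
    }

    public static void Main()
    {
        // Constructed sample payload, not a real secret.
        string payload = "{\"Value1\":\"example-one\",\"Value2\":\"example-two\"}";

        string value1 = Extract(payload, "Value1");   // map to VALUE1
        string value2 = Extract(payload, "Value2");   // map to VALUE2
        Console.WriteLine("Extracted {0} and {1} characters.", value1.Length, value2.Length);

        try
        {
            Extract(payload, "value1");               // wrong case: key does not match
        }
        catch (KeyNotFoundException ex)
        {
            Console.WriteLine(ex.Message);
        }
    }
}
```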