Key Vault

For the purpose of this guide, a Simple vault type is used in our examples to securely store database information. The Simple vault type makes use of the secrets.txt file. The Simple vault type is not recommended for use in production.

The Simple Key Vault requires a text file, which contents will be encrypted, and is primarily used to store the credentials of database users. The file is only used if the vault type is set to Simple, which will be configured on the next page.

Storing Database Credentials

The Key Vault file can, most importantly, store the encrypted username, password, and URL for databases in the environment. On startup, the values in this file are encrypted, at which point these values should no longer be manually modified. The file is analyzed for an (invisible) null character followed by a binary marker: at the end of the file to verify that it is encrypted.

In the instructions below, keys and values are added to the Key Vault file. Should the file be manually updated after encryption, then please use the original unencrypted Key Vault sample file (called secrets.txt). The block below serves as a suggestion for names to use as keys for the Username, Password, and URL.

1. Create a new text file. The name and location of the file can be chosen freely, but for the purpose of this guide it is called "secrets.txt" and stored in the root directory of the AMT environment.
2. Define the keys from the block above with values of the database user's credentials:
   1. Username – the name of the user authorized to access the database.
   2. Password – the password of the user.
   3. URL – this refers to the database on a server. For example:
      • jdbc:postgresql://<Server>:<Port>/<Database> for PostgreSQL databases.
3. Save the file.

The keys that are defined above are used to configure the database on the next page.