Add a secret manager
Harness includes a built-in Secret Management feature that enables you to store encrypted secrets, such as access keys, and use them in your Harness Connectors and Pipelines.
Looking for specific secret managers? See:
- Add an AWS KMS Secret Manager
- Add a HashiCorp Vault Secret Manager
- Add an Azure Key Vault Secret Manager
- Add Google KMS as a Harness Secret Manager
- Add an AWS Secrets Manager
Before you begin
Step 1: Configure Secret Manager
- Select your Account or Organization or Project.
- Select Connectors in Setup.
- Create new Connector. The Connectors page appears.
- Select a Secret Manager type under Secret Managers. See:
- Add an AWS KMS Secret Manager
- Add a HashiCorp Vault Secret Manager
- Add an Azure Key Vault Secret Manager
- Add Google KMS as a Harness Secret Manager
- Add an AWS Secrets Manager
- Provide the account access information for the new secret manager.
- If you choose to set this secret manager as the default, select Use as Default Secret Manager.
- Click Finish.
When a new Default Secret Manager is set up, only new Cloud Provider and/Connector secret fields are encrypted and stored in the new Default Secret Manager. Cloud Providers and Connectors that were created before the modification, are unaffected. Where is the Secret for the Secret Manager Stored?
Harness stores all your secrets in your Secret Manager.
The secret you use to connect Harness to your Secret Manager (password, etc) is stored in the Harness Default Secret Manager.
You can't add secrets to the Org or Project scopes using an Account or Org Scope Secret Manager.