Cloud credentials

Cloud credential types manage access to cloud-based applications, including Amazon Web Services (AWS) and the Microsoft Azure cloud.

AWS Credentials

Table 1. AWS credentials form fields
Field Input value
Name Enter a unique and descriptive name for this credential. For example, you might call it AWS Main Account.
Active Enable or disable these credentials for use.
Access Key ID Enter the access key ID generated from the AWS Management Console, for example, APIAIOSFODNN7EXAMPLE.
Secret Access Key Enter the secret access key ID generated from the AWS Management Console for example, wPalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY.

Azure Service Principal credentials

Field Value
Name Enter the name of the service principal to register with the instance.
Tenant ID and Client ID Paste the values that you obtained from the Azure portal:
  • The Tenant ID is the Directory ID in Azure.
  • The Client ID is the Application ID of the application that you registered in Azure.
Authentication Method Select Client secret.
Note: Client assertion is not supported.
Secret key Paste the secret key that was generated while creating the Azure Service Principal.

This field appears when Authentication method is Client secret.

Azure Enterprise Agreement credentials

Field Description
Name Enter a descriptive name.
Enrollment number Enter the enrolment number from Azure.
Access Key Paste in the access key that Azure provides you.

Cloud Management credentials

These fields are available in the Credentials form for cloud management.
Table 2. Cloud Management credentials form fields
Field Input value
Name Enter a unique and descriptive name for this credential. For example, you might call it Cloud Atlanta.
Active Enable or disable these credentials for use.
Type Specify AWS.
User name Enter the CIM user name to create in the Credentials table. Avoid leading or trailing spaces in user names. A warning appears if the platform detects leading or trailing spaces in the user name.
Password Enter the CIM password.
SSH Passphrase Enter a memorable phrase for key generation. For example, you might enter Friday is a good day.
SSH private key Enter the SSH private key.
Authentication protocol Select the MD5or SHA authentication protocol that was used to generate the Authentication Key.
Authentication Key Enter a SSH-generated authentication key.
Privacy protocol Enter one of the following privacy protocols that describes encryption for the Privacy Key:
  • 3DES for Triple Data Encryption Standard (DES)
  • AES128 for Advanced Encryption Standard (AES) with 128 bit encryption
  • AES192 for AES with 192 bit encryption
  • AES256 for AES with 256 bit encryption
  • DES for legacy DES encryption
Enter an additional privacy key.
Credential alias Allow workflow creators to assign individual credentials to any activity in an Orchestration workflow or assign different credentials to each occurrence of the same activity type in an Orchestration workflow.
External credential store Select this check box to use an external credential storage system. When you select this option the User name and Password fields are replaced with the Credential ID field. Currently, the only supported external storage system is CyberArk.
Applies to

Select whether to apply these credentials to All MID servers in your network, or to one or more Specific MID servers. Specify the MID Servers that should use these credentials in the MID servers field.

Classification Enter the Application Classification for CI discovery.
Order

Enter the order (sequence) in which the platform tries this credential as it attempts to log on to devices. The smaller the number, the higher in the list this credential appears. Establish credential order when using large numbers of credentials or when security locks out users after three failed login attempts. If all the credentials have the same order number (or none), the instance tries the credentials in a random order.

Cloud Management (CMP) node credentials

Cloud Management (CMP) node credentials associate credentials for a virtual server that Cloud Management provisions. The Cloud Management application automatically creates these credentials.
Note: You might need to deactivate these credentials if you no longer want them used, change the order precedence, or select a MID Server that is allowed to access them. Otherwise, you do not need to manually create or modify this type of credential.
Field Description
Name The automatically generated name based on the datacenter where the virtual machine is located.
Active If the credentials are active.
Applies to Choose whether this credential is available to a specific MID Server or a all MID Servers.
Order

Enter the order (sequence) in which the platform tries this credential as it attempts to log on to devices. The smaller the number, the higher in the list this credential appears. Establish credential order when using large numbers of credentials or when security locks out users after three failed login attempts. If all the credentials have the same order number (or none), the instance tries the credentials in a random order.

User Name and Password The virtual server user name and password.
SSH passphrase and SSH private key The private key and the passphrase that protects the key if the virtual server requires it.
Authentication Protocol and Authentication Key The private key and the passphrase that protects the key if the virtual server requires it.
Privacy Protocol and Privacy Key The encryption protocol used with the virtual server and enter the privacy key.
Credential alias Allow workflow creators to assign individual credentials to any activity in an Orchestration workflow or assign different credentials to each occurrence of the same activity type in an Orchestration workflow.

Cloud Management (CMP) SSH key pair credentials

Cloud Management (CMP) SSH key pairs store the keys that the Cloud Management application automatically generates when users provision stack resources.
Note: You might need to deactivate these credentials if you no longer want them used. Otherwise, you do not need to manually create or modify this type of credential.
Field Description
Name The automatically generated name.
Active If the credentials are active.
SSH Public Key The public key.
SSH Private Key A secure private key that can be used instead of a password for SSH logins.