articles/iot-operations/secure-iot-ops/howto-manage-secrets.md
11 additions & 9 deletions
@@ -35,27 +35,29 @@ Secrets are used in asset endpoints and data flow endpoints for authentication.
35
35
36
36
1. Go to the **Asset endpoints** page in the [operations experience](https://iotoperations.azure.com) web UI.
37
37
38
-
1. To view the secrets list, select **Manage certificates and secrets** and then **Secrets**.
39
-
<!-- ****TODO: Confirm this Add new secret button****** -->
40
-
1. To add a new secret, select **Add new secret**:
38
+
1. To add a new secret reference, select **Add reference** when creating a new asset endpoint:
41
39
42
40
:::image type="content" source="media/howto-manage-secrets/use-secrets.png" alt-text="Screenshot that shows the Add from Azure Key Vault and Create new options when selecting a secret in operations experience.":::
43
41
44
42
-**Create a new secret**: creates a secret reference in the Azure Key Vault and also automatically synchronizes the secret down to the edge using Secret Store extension. Use this option if you didn't create the secret you require for this scenario in the key vault beforehand.
45
43
46
44
-**Add from Azure Key Vault**: synchronizes an existing secret in key vault down to the edge if it wasn't synchronized before. Selecting this option shows you the list of secret references in the selected key vault. Use this option if you created the secret in the key vault beforehand. *Only the latest version of the secret is synced to the edge*.
47
45
48
-
When you add the username and password references to the asset endpoints or data flow endpoints, you then need to give the synchronized secret a name. The secret references will be saved in the edge with this given name as one resource. In the example from the screenshot below, the username and password references are saved to the edge as *edp1secrets*.
49
-
50
-
:::image type="content" source="media/howto-manage-secrets/synced-secret-name.png" alt-text="Screenshot that shows the synced secret name field when username password is selected for authentication mode in operations experience.":::
46
+
1. When you add the username and password references to the asset endpoints or data flow endpoints, you then need to give the synchronized secret a name. The secret references will be saved in the edge with this given name as one resource. In the example from the screenshot below, the username and password references are saved to the edge as *edp1secrets*.
51
47
48
+
:::image type="content" source="media/howto-manage-secrets/synced-secret-name.png" alt-text="Screenshot that shows the synced secret name field when username password is selected for authentication mode in operations experience.":::
49
+
52
50
## Manage synced secrets
53
51
54
-
In the [operations experience](https://iotoperations.azure.com) web UI, go to the **Asset endpoints** or **Data flows** page, select **Manage certificates and secrets**, and then **Secrets**.
52
+
In this section, we use asset endpoints as an example, the same can be applied to data flow endpoints:
53
+
54
+
1. Go to the **Asset endpoints** page in the [operations experience](https://iotoperations.azure.com) web UI.
55
+
56
+
1. To view the secrets list, select **Manage certificates and secrets** and then **Secrets**.
55
57
56
-
*****TODO: Add screenshots for the secrets page.****
58
+
:::image type="content" source="media/howto-manage-secrets/synced-secret-list.png" alt-text="Screenshot that shows the synced secrets list in the operations experience secrets page.":::
57
59
58
-
You can use the **Secrets** page to manage synchronized secrets in your asset endpoints and data flow endpoints. Secrets page shows the list of all current synchronized secrets at the edge for the resource you are viewing. A synced secret represents one or multiple secret references, depending on the resource using it. Any operation applied to a synced secret will be applied to all secret references contained within the synced secret.
60
+
You can use the **Secrets** page to view synchronized secrets in your asset endpoints and data flow endpoints. Secrets page shows the list of all current synchronized secrets at the edge for the resource you are viewing. A synced secret represents one or multiple secret references, depending on the resource using it. Any operation applied to a synced secret will be applied to all secret references contained within the synced secret.
59
61
60
62
You can delete synced secrets as well in the **Secrets** page. When you delete a synced secret, it only deletes the synced secret from the edge, and doesn't delete the contained secret reference from Azure Key Vault. You must delete the certificate secret manually from the key vault.
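Review bot: The added line 60 changes "manage synchronized secrets" to "view synchronized secrets", but the same paragraph still says "Any operation applied to a synced secret will be applied to all secret references", the following paragraph documents deleting from that page, and the heading remains "Manage synced secrets", so it is unclear whether the Secrets page is read-only. Suggest naming the operations the page actually supports (for example "view and delete") so the three statements agree. The unchanged closing sentence, "You must delete the certificate secret manually from the key vault", reads like carry-over wording in a secrets how-to; since it is the step that removes the credential from Azure Key Vault after the edge copy is gone, it should name the secret precisely. Smaller points: the added line 52 is a comma splice ("as an example, the same can be applied"), and the added step at line 46 is a description rather than an action, so it may fit better as unnumbered text under the previous step.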