Replies: 1 comment 1 reply
-
|
Do you care how "secret" these values are, e.g. if the cleartext values are visible in the database? If not, then you can use Custom Fields against a Device or VM, or Config Contexts. If they need to be encrypted, then there used to be a function called "Secrets". As of Netbox 3.0, this has been moved into a plugin. These are also stored against a Device/VM, and you need to provide a user key to decrypt them. However, I think that you'll find that a dedicated secret store like Hashicorp Vault is much more usable (especially to API consumers) and more secure-by-design. Speaking for myself, I use the same community strings across many devices, so I don't want to store the same value multiple times against each device. For these use cases, storing the secrets in Vault makes a lot more sense. I suggest you use a tag or custom field in Netbox to refer to the name of the secret, and then fetch the required secret from Vault when required. Vault has a number of very useful features, including versioned secrets. |
Beta Was this translation helpful? Give feedback.
-
|
see this discussion for a Vault plugin: #7980 |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello ,
I want to ask If I can store SNMP strings in Netbox so when I use an API call I can read it ? without the need of using the Tags ?
Best Regards
Beta Was this translation helpful? Give feedback.
All reactions