Connection Vault

What is the Connection Vault Feature?

The connection vault feature allows you to deploy database, cloud storage, and Rest connections/credentials to the server. You can give rights of specific connections to authorized personnel (User Roles) without sharing the credentials.

Instead of giving the credentials, only access is given to the users.

Configuring the Cluster Settings

The configuration documentation for this can be accessed here.

Using the Connection Vault Feature

Deploying a Shared Connection:

1. Create a new project in Astera Centerprise.

Select Project from the main toolbar, move the cursor over New and select a new type of project.

01-New-Project

2. Create/Add a shared action from the project options.

Right-click on the project name in the Project Explorer and select Add New Item… from the context menu.

Alternatively, you can add a shared action from an existing file.

02-Add-Shared-Action

3. Add a connection object to the dataflow designer.

Here, we’ve used a Database Connection object to establish a connection in the shared action file.

Note: You can use REST Connection or Cloud Storage Connection objects in a similar way.

03-Connection

4. Configure the object with the database, the access for which is to be given to the user.

04-Connection-Properties

Once your object is configured, click OK.

5. Deploy the shared connection using the right-most option present in the shared action toolbar.

05-Deploy-Shared-Conn

Clicking on it will open a new window. Here, you can add the Deployment Name and provide a Config File Path if one is present.

Enable User Authorization: If this checkbox is selected, it will check if the folder is present in the cloud with respect to the Centerprise username. If yes, the user will be able to access it; otherwise, not.

Note: This option is only applicable for cloud connections.

06-Deploy-Options

Once done, click on OK, and the deployment will be created in the Server Browser.

07-Deploy-Created

6. Open the role resources in the Server Browser that you want to give permissions to.

08-Role-Resources

7. Expand the Connection node in the Role resources window and select the connection that you want to give permission for to this role.

09-Assigning-Conenction

8. Save and close the role resources window. Once done, make sure to assign this role to the user you want to provide permissions to.

10-Resource-Roles

9. Select the role you wish to assign the user and click the right-facing arrow.

Note: You can also take a role away from the user by clicking on it in the window on the right and selecting the left-facing arrow.

11-Save-Role

Accessing the Shared Connection

10. Now, check if the user has access to the shared connection.

12-User-Access

Upon opening the properties of the Database Table Source, check the shared connections bar.

Open the properties window by right-clicking on the source object and selecting Properties from the context menu.

13-Properties-dbsource

Once opened, you’ll see the following window.

14-Shared-window

Selecting the Use Shared Connection checkbox will allow you to select from a list of shared connections from the drop-down menu.

In our case, we have allowed one deployed connection to be assigned to this user.

Deployed:DbConnection: This is the name of the connection that has been shared.

15-shared-window

This user now has access to this deployed connection.

The connection rights have been provided without the need to provide any credentials.

This concludes our discussion on the connection vault feature in Astera Centerprise.