Manage secrets
Access to this application is managed by Guidewire Hub. For details, see Access Cloud Platform apps and services.
To manage secrets in Guidewire Home:
-
Select a star system.
-
From
Apps, select Secrets or select it from your pinned apps.
Add a secret
To store sensitive data as a secret:
-
Specify the range of planets and applications to which the secret applies.
Select values from the Planet and Application lists. You can select multiple planets and applications.
In Planet, select
Allto apply a secret to all planets in a star system. Note that if there's a secret for a specific planet for the same key and application, this secret takes priority over theAllwildcard. -
In Key, provide the identifier for the secret.
Use at least three lowercase letters or periods. Don't use two or more periods in a row. Don't use capital letters, numbers, or special characters.
A secret key must be unique. Don't use an identifier if a variable with the same name already exists.
Example:
some.key -
In Value, provide the data to store.
Use up to 12288 characters.
Secrets with authentication data are stored as a single key-value pair. For authentication credentials, use the
user:passwordformat.Example:
user1:Password!123Secrets with additional sensitive properties are stored as a single key-value pair. To store an additional sensitive property, start a value with a colon.
Example: :externalServiceClientSecret
For details, see IS-INT-1091 Credentials Management in Guidewire Cloud Standards.
-
Select + Add secret.
When you add a secret for the existing planet, application, and key context, you can choose to override the existing value or cancel the operation. When you confirm, you add new secrets and override the values of existing secrets. When you cancel, no secrets are added or updated.
Create a secret for the administrator user
To prepare for selective deployments, you must create a secret that provides the credentials for the administrator user. In InsuranceSuite applications, this user is the unrestricted user. In each InsuranceSuite application, you can:
- Set the password for the unrestricted user.
- Replace the default unrestricted user with a different user.
To create a secret for the unrestricted user, add a secret with the following values:
-
Key
guidewire.<application>.admin.credentialsWhere
applicationis the InsuranceSuite application code. Use one of the following values:abfor ContactManagerbcfor BillingCenterccfor ClaimCenterpcfor PolicyCenter
Example:
guidewire.pc.admin.credentials -
Value
username:password
Where:
usernameis the username of the unrestricted user in the InsuranceSuite application.passwordis the password set for the unrestricted user in the InsuranceSuite application.
Example:
unrestrictedUsername:thePassword
When you change the credentials for an administrator user, update the secret and redeploy the application.
Edit a secret
To edit a value of a secret:
-
In the table, find the secret you want to edit.
-
Select
Edit. -
In the Value column, enter a new value.
Use up to 12288 characters. For authentication data, use the
user:passwordformat.Example:
user1:Password!123. -
Select
.
Clone secrets
To copy sets of secrets between planets in a star system:
-
Select Clone secrets.
-
Select a source planet.
-
From To planet, select a target planet.
You can select multiple target planets.
-
Select Clone.
If the target planet contains the same key as the source planet, you can choose to override the existing value or cancel the operation. When you confirm, you add new secrets and override the values of existing secrets. When you cancel, no secrets are added or updated.
Delete a secret
To remove a secret from the database:
- In the table, find the secret you want to delete.
- Select
Delete. - Select Delete.
Delete all secrets
To delete all secrets in a planet:
- Select Delete secrets.
- Select the planet in which you want to delete all the secrets.
- Select Delete.