Octopus Deploy
Keeper Secrets Manager Step Template for accessing secrets in Octopus Deploy
Last updated
Was this helpful?
Keeper Secrets Manager Step Template for accessing secrets in Octopus Deploy
Last updated
Was this helpful?
Retrieve secrets from the Keeper Vault to use in Octopus Deploy Library
Inject credentials directly into Octopus Deploy projects
Get files from the Keeper Vault
This page documents the Secrets Manager Octopus Deploy integration. In order to utilize this integration, you will need:
Secrets Manager addon enabled for your Keeper account
Membership in a Role with the Secrets Manager enforcement policy enabled
The Octopus Deploy integration accepts Base 64 format configurations
The Keeper Octopus Deploy Step Template utilizes Keeper Secrets Manager to provide access to secret credentials saved in the Keeper Vault. The script allows for injecting secrets directly into Octopus Deploy projects securely using Keeper's zero-knowledge infrastructure.
Name: Keeper Secrets Manager - Retrieve Secrets Description: This step retrieves one or more secrets from a Keeper Vault and creates sensitive output variables for each value retrieved. These values can be used in other steps in your deployment or runbook process. You can retrieve secrets using Keeper Notation URIs, and you can choose a custom output variable name for each secret. Required:
For a complete list of Keeper Secrets Manager features see the
Keeper Secrets Manager access (See the for more details)
A Keeper with secrets shared to it
See the for instructions on creating an Application
An initialized Keeper
To use the step template directly from : Navigate: Library > Step Templates > Community Step Templates > Browse Library Search: "Keeper Secrets Manager - Retrieve Secrets" > Install > Save
To add as a : Navigate: Library > Step Templates > Custom Step Templates > Import Paste the JSON obtained from community contributed
A application with permissions to retrieve secrets from the Keeper Vault.
The SecretManagement.Keeper.Extension
PowerShell module installed on the target or worker. If the module can't be found, the step will fail. The SecretManagement.Keeper
module(s) can be installed from the .
Keeper Secrets Manager Configuration (type: Sensitive)
Variable name: #{Keeper.SecretsManager.RetrieveSecrets.Config}
Keeper Secrets Manager for with permissions to retrieve secrets from the Keeper Vault. To generate KSM Configuration in Web Vault: Secrets Manager - KSM Application Name - Edit - Add Device, and switch to Method: Configuration file, preferably in Base64 format.
Vault Secrets to retrieve (type: Multi-line text box)
Variable name: #{Keeper.SecretsManager.RetrieveSecrets.VaultSecrets}
Use to specify the Secrets to be returned from Keeper Vault, in the format SecretsManagerNotation URI | OutputVariableName
where:
OutputVariableName
is the optional Octopus name to store the secret's value in. If this value isn't specified, an output name will be generated dynamically.
Print output variable names (type: Checkbox)
Variable name: #{Keeper.SecretsManager.RetrieveSecrets.PrintVariableNames}
Write out the Octopus names to the task log.
Default: False