Using Azure Vault for Credential Management Service

Azure Key Vault is a tool for securely storing and accessing secrets.

A new Azure Vault provider is added for the Credential Management for property of type password.

The Azure Vault has two fields:

• Vault Name: Name of the Vault.
• Secret Name: Path of the Secret.

On TIBCO Business Studio for BusinessWorks, the format is stored as #<AZURE_VAULT_NAME>::<AZURE_SECRET_KEY>#.

TIBCO Business Studio for BusinessWorks supports two authorization methods to connect to Azure Vault:

• Service Principle and Secrets
• Managed identities for Azure Resources

To enable Azure vault credential management system, configure the following environment variables for your Cloud application:

For Service Principle and Secrets

• AZURE_VAULT
• APP_CONFIG_PROFILE
• AZURE_CLIENT_ID
• AZURE_CLIENT_SECRET
• AZURE_TENANT_ID

For Managed identities for Azure Resources

• AZURE_VAULT
• APP_CONFIG_PROFILE

For more information on the environment variables, see the Adding Custom Properties section under Configuring App Properties.