This section provides the steps to configure an external key vault in the Data Integrity Suite for use with Shared Connections.
- From the main navigation menu, select Configuration > Key Vault.
- Click Add Key Vault and fill in the following details:

Table 1. Field descriptions

| Field | Description |
|---|---|
| Key vault name | Specifies a name that reflects the vault's purpose or environment. |
| Description | Specifies a summary of the key vault's role or scope so that its usage is understood. |
| Key vault type | Specifies the type of external key vault to integrate, such as HashiCorp Vault or any other option available in the drop-down list. |
| Host URL | Specifies the URL or endpoint of the external key vault server. The Data Integrity Suite uses this address to connect and retrieve credentials. |
| Namespace (Limited Availability) | Specifies the Vault Enterprise namespace in which authentication methods, policies, and secrets are defined. Namespaces provide logical isolation within Vault. If your organization uses Vault namespaces, enter the appropriate namespace path. Leave this field empty when using the root namespace. |
| Authentication method | Specifies the method used to authenticate with the external key vault. The available options are listed below. |

The following authentication methods are available:
- Vault AppRole: Vault AppRole is an authentication method that allows applications or services to securely access the vault using identifiers and tokens. It is typically used in automated environments such as Continuous Integration (CI) / Continuous Delivery (CD) pipelines or backend services.
  - Role ID: Specifies the identifier of the application or service requesting access.
  - Secret ID: Specifies the secure token used to confirm identity when accessing the vault.
- TLS certificate: TLS certificate authentication uses digital certificates to establish a trusted, encrypted connection to the vault. It is generally used in environments that require certificate-based authentication and secure channel establishment.
  - TLS certificate ID: Specifies the identifier of the certificate used for authentication.
  - Private key: Specifies the secure key paired with the TLS certificate to verify identity and establish the connection.
- Agent: Agent authentication is used when direct access to the vault is not available, such as in on-premises or hybrid deployments. The agent provides a secure communication channel to connect to the vault and retrieve credentials.
  - Agent secret name: Specifies the reference used by the agent to locate and retrieve the correct secret from the vault.
  - Test agent: Specifies the option to test the connection by selecting an agent from the drop-down list. This selection is only used for testing and is not stored.
- After entering the required details, click Test to validate the agent or cloud configuration. Once the test is successful, click Add to complete the key vault setup.