Otter Documentation

Resource Credentials

Otter can manage, store, and control access to tokens, passwords, API keys, or any other of the secrets that are needed for automating modern infrastructure using Resource Credentials.

You can associate different credentials with different Environments, and permit or restrict different Users from managing or viewing the actual passwords for credentials. Of course, credentials are always encrypted before being stored.

There are several built-in types, and new types may be added with an Extension:

  • Private Key - a private key with an optional username and passphrase
  • BuildMaster - a connection to the BuildMaster API
  • ProGet - a connection to a ProGet server
  • Username & Password - just a simple username and password, such as a Windows domain account

Example: IIS Application Pool Credentials

In Microsoft's IIS, an Application Pool may be configured to run under a certain user account. Obviously, in order to do that, you must supply that username and password. Both of these fields are available on the Ensure App Pool operation, but that means you would need to have those values be stored in plain text, in your Plan.

Storing a Credential in Otter

Alternatively, you could create a Username & Password credential...

Storing a Credential in Otter

... and then specify that for the Otter credentials property.

Using a Credential in Otter

Otter will automatically map the appropriate fields at configuration time, allowing you to give the team viability into which credentials are being used, without sharing the actual credentials themselves.