Credentials

The Credentials tab (Inventory > Credentials) in Cloudhouse Guardian (Guardian) is the location for adding, editing, viewing, and deleting credentials. Any credentials that are added to this tab are stored securely and encrypted using industry standard asymmetric encryption. Instead of manually entering your credentials each time you add a node or integration, you can select any one of the stored credentials in this tab. By storing the credentials in one location, you no longer need to update new or expired credentials within each individual node, as you can edit the credential within the Credentials tab and have Guardian update each instance accordingly. The following topic describes how to create a stored credential and use those credentials within a new or existing node.

Note: The Credentials tab and all associated stored credential functionality is only available from V4.3460.0 of Guardian onwards. This is an optional feature that must be enabled. For more information, see July 2024 Quarterly Release.

Any existing stored credentials are displayed within a table structure on the Credentials tab. Here, you can click the Ellipses button () in the Actions column to Edit or Delete the selected credential.

Note: Once a credential is deleted, it is permanently removed from your Guardian instance and cannot be retrieved.

Create Credential

Creating a credential enables you to store credentials securely in Guardian within one location, for ease of access and updating.

To add a new set of credentials to your Guardian instance, complete the following steps:

In the Guardian web application, navigate to the Credentials tab.
Click the Create Credential button. The Create Credential page is displayed.

Complete the following options:

Option	Description
Name field	The display name for the credential within Guardian. For example, 'AWS Access Key ID'.
Description field (Optional)	Option to provide a description of the credential to distinguish it amongst others. For example, 'The AWS Access Key ID for the DEV account'.
Connection Manager Group drop-down list (Optional)	Option to select a Connection Manager group from the drop-down list to associate it with the credential. If selected, the credential can only be decrypted by Connection Managers within the selected group. If the same credential is used across multiple Connection Manager groups, the credential will need to be entered multiple times, once per Connection Manager. Note: If no Connection Manager group is selected, the password is still encrypted.
Username field (Optional)	Option to add the username associated with the Password field.
Password field	The password for the credential.
Secondary Password field (Optional)	Option to add a secondary password.

Once complete, click the Save Credential button.

The credential is then created and stored in the Credentials tab.

Use Credentials

Once you have created one or more credentials, you can begin using them within the following node types:

Linux
Windows
Network devices.

Tip: Additionally, when adding or editing Integrations that include a Virtual Machine, such as AWS EC2 and Azure Virtual Machines, any corresponding stored credentials can also be used.

To use stored credentials when adding or editing a node, complete the following steps:

On the Add/Edit Node page, select an option from the Connection manager group drop-down list.

Note: If no Connection Manager group is associated with the credential, you can skip this step.
Then, select the Password radio button. The new Credentials drop-down list is displayed.
Select a stored credential from the Credentials drop-down list.

Note: Additionally, you can select 'Add New Credential' from the drop-down list to display the Create Credential dialog. For more information on how to create a credential, see Create Credential.
Finally, click to Update or Scan Node.

Once complete, the credentials are used to authenticate Guardian's access to the target node and are saved within the node's settings. For more information on how to add/edit a node, see Add Nodes and Edit Node.