Hi All,
Evaluating Secrets Manager for wider use in my org. Here’s my scenario:
1. Using GitHub Actions to deploy services in cloud, with secrets stored in Secrets Manager (using machine/access key to retrieve) - works great.
2. During deploy, new random secrets are created for accessing data/telemetry/items created by the process.
For the resultant data in #2, I’d like to store these securely in Bitwarden. Ideally, I’d like to make them available to other users. For example, think of these runners creating a “lab”, and these are the usernames/passwords/hostnames to access lab resources.
My questions are as follows:
- Can Secrets Manager machines create secrets in Secrets Manager? If so - there’s no obvious info on it that I can find.
- Can Secrets Manager machines create secrets in Bitwarden Password Manager organization collections? I believe the answer to this is “no” out of the box.
From my research, it seems the only way I can share these secrets securely with Bitwarden products would be to somehow hack together a “service account” pseudo-machine entity in Bitwarden Password Manager, put those credentials in Secrets Manager, then have the runner update Password Manager.
To me, this defeats the whole purpose of “Secrets Manager” though - as if I “basically recreate” Secrets Manager machines by hacking together a pseudo user/service account in Password Manager, why would we pay extra for Secrets Manager?
Hoping there is a better solution!