Purpose of the Infrastructure Vault?

Hi Cazi,

Thank you for reaching out!

The Infrastructure Vault is meant to store the accounts used to run the Devolutions Server, if the Devolutions Server is set with SQL accounts.
It is used mainly to automatically rotate the password of the password on these accounts.

I'll get in touch with our Documentation team so that we create a documentation page.

I hope it answers your questions.

Best regards,

How can I add an entry to that "Infrastructure Vault"?

Sadly there is still no documentation page and also no "+" Sign on the Webinterface like on other Vaults to add Accounts.
It also not shows up on the "Move" menu for PAM credentials. (can only move them to normal PAM Vaults)

Hello,

It is not possible to add account in Infrastructure Vault. That vault is there only to store the accounts used to run the Devolutions Server. Could you elaborate on your need and why you would like to add accounts in that vault instead of creating a new one ?

Best regards,

Hallo Francois,

that is exactly what I want to do.
I want to store the Database crendentials and the service accounts which Devolutions Server is using in there (e.g. the Activite Directory Domain Account to do the LADPS PAM things, which is configred as a linked Account in the PAM provider ... right now I need to store that in a PAM Vault)

I would like to use that Vault, as for my understanding it is ment for accounts which Devolutions Server is using itself and I also prefer not to have them in a PAM vaul due to RBAC concerns and automation (powershell) concerns.

Best Regards
Jean Pascal

Hello Jean Pascal,

Thank you for your answer. I understand why you want to save it there, that kind of account would make sense to be in that vault I think. We will consider again our decision to avoid user to save account there and let you know how we change things. Meanwhile, I would suggest you to create your own infrastructure vault and give rights accordingly, you should be able to get the same result.

Best regards,

Hello Francois,

thank you!

Do you mean own "infrastructure" Vault or just a Vaul designated for infrastructure accounts? (we already have it like that)
If it's the first one, how to create "infrastructure Vaults" ?
Because in the docs there is a screenshot of a "real" Infrastructure Vault with an SQL account in it, by I have no idea how you got that in there or how to create additional ones and how that should reprensent in the UI, where is only a single menu-option for Infrastructure Vault.



Picture from your docs:


Best regards
Jean Pascal

Hello Jean Pascal,

Sorry for confusion. I mean, you can create a PAM vault, like all other that you have probably created. That vault will be with all other vaults. You can't create one in the system section unfortunately.

Best regards,