Skip to content

Kitchen Security

In Automation, kitchen security consists of two factors: the connection credentials that provide access to your external data tools and the kitchen-level access for tasks and daily work.

Credentials

Every kitchen can use a Global Vault and/or optionally a Kitchen Vault. Vaults contain encrypted entries called secrets, which are most often data infrastructure connection credentials.

Users can only manage and leverage the secrets available to a kitchen if they are granted kitchen access. This allows freedom of user experimentation in specific kitchens while supporting isolated environments and security in others.

DataOps Automation leverages v1.1 of HashiCorp's Vault.

Kitchen access and permissions

Each kitchen has a designated user list that limits access to managing a kitchen's infrastructure, editing its recipes, and running its orders. Kitchens are locked to users who have not been added to the user list.

The user list for a kitchen can be updated from Users tab on the Configure Kitchens page.

Kitchen roles

Kitchen roles is a feature that uses custom roles to define kitchen access on a per-user level. See Kitchen Roles for more information.