Machine Identity ExtensionSimplify key generation and enrollment of machine identities (also known as SSL/TLS certificates and keys) with Venafi as a Service or Trust Protection Platform |
Machine Identity Extension for Azure DevOpsBackgroundSimplify key generation and enrollment of machine identities (also known as SSL/TLS certificates and keys) that comply with enterprise security policy by using the Venafi Trust Protection Platform(TPP) or Venafi as a Service. You can request, retrieve, and renew certificates. This extension takes advantage of the VCert CLI. Basic usage can be found below and in the extension help itself; please see the VCert site for additional parameter details. Supported on Windows, Linux, and Mac. PrerequisitesEnsure the following prerequisites are met prior to using this extension: UsageThere are different authentication mechanisms depending on if you use TPP or Venafi as a Service, see below. After providing authentication, fill in the action specific fields and you are ready to go! Venafi as a ServiceVenafi as a Service uses an API Key found in your user preferences. Go to the API Keys section of your user preferences and 'Generate New Key' if one doesn't already exist. You can provide this directly or as a secure variable.
Trust Protection PlatformTPP requires a token which can either be precreated and provided with the 'Inline' option or obtained via a prior Machine Identity Extension task with a 'Get Token' action.
YAML example - Get token and Request
|
