Troubleshooting HashiCorp Vault Credential Resolver for ServiceNow Utah Instance

Avatar
Ciara Clements
  • Updated

Summary:

  • Due to recent changes in ServiceNow, previously installed HashiCorp Vault Credential Resolver plugins may no longer be properly configured. The previous installation method of the Vault Credential Resolver is no longer available ServiceNow UATH instances.
NOTE : 
1. To install HashiCorp Vault Credential Resolver plugin, please use the 
"HashiCorp Vault Credential Resolver" App from the ServiceNow App store
2. Ensure that the Credential Resolver name used in ServiceNow Credential Resolver
configuration section is "vault-servicenow-credential-resolver". 
3. If a specific name is to be used for HashiCorp Vault Credential Resolver, 
please ensure that the jar file matches the name of the Credential Resolver.

Solution for UTAH Instances:

  1. Ensure "Discovery" and "HashiCorp Vault Credential Resolver" plugins have been activated on the instance as they may have been deactivated. If not deactivated, reactivate and wait for the activation to complete. 

    Screenshot
  2. Navigate to "Vault Credential Resolver" and ensure "Vault Settings" under "MID Server Property" are setup properly, or setup a new MID server.

    Screenshot
  3. Navigate to "Credentials" within the "Discovery" section of ServiceNow.

    *Note:  Proper permissions will need to be assigned in order to execute this step. 

    Screenshot
  4. Make sure to check the field "Applies to" to confirm if this will apply to all MID servers or only Specific MID Servers. If only specific, ensure to select the MID server the update should apply to.

  5. Test credentials and ensure credentials are resolving properly.

    *Note: Username should be role_idand password should be the secret_id for the AppRole auth method. An alias can be set if need be based on organization needs and standards.

  6. Please ensure Credential Resolver has been installed properly using our documentation, which can also be accessed by clicking the option in the drop down and selecting the links. 

    Configuring the Vault ServiceNow Credential Resolver
    1. Installing Vault Agent:
    https://www.vaultproject.io/docs/platform/servicenow/installation#installing-vault-agent
    2. Configure Credential Resolver:
    https://www.vaultproject.io/docs/platform/servicenow/configuration


 

Articles in this section

See more

Related articles