Support credential storage in regions

[egadsthefuzz]

💡 For general support requests and bug reports, please go to checklyhq.com/support

Is your feature request related to a problem? Please describe. We are required to store credentials in Australia so we are unable to do login checks via checkly

Describe the solution you'd like I would like secret storage to be optionally regional. If this is not possible perhaps you could support using an external secret storage like hashicorps vault

Describe alternatives you've considered I have tried integrating 3rd party auth but it did not work and I didn't feel it would be a very stable solution

Additional context Some customers like us have regulatory reasons that they can't have certain credentials outside of a region

[tnolet]

Hi @egadsthefuzz I can see your point regarding data storage and the various laws per industry / country. We do not have anything planned in this direction. I think a self-hosted Vault would probably be the most robust and customizable.

One follow up question.

Are you required to only store the credentials within your borders, or is transport also not allowed. This is important because when we schedule checks, we would fetch credentials to our Ireland main region and then instrument the checks. This means the credentials would cross over to the EU region.

[egadsthefuzz]

Hi Tim, As long as the credentials are at rest in our region and transported using a securely encrypted channel (tls1.2 or 1.3) they can leave the region and be inflight anywhere. I believe that would suit the vault setup, check in region, check pulls from vault in region, check goes to your scheduler/whatever in EU, checks in region with cred, sends result to EU for web/api/prometheus endpoint for us to pick up.