The purpose of this repository is to allow Splunk community to report issues and enhancements requests
2
stars
0
forks
source link
bug - SOAR Automation Broker high availability management - update of the broker will reset unexpectly any secrets of the assets for users not using a Password Vault #626
bug - SOAR Automation Broker high availability management - update of the broker will reset unexpectly any secrets of the assets for users not using a Password Vault
When performing an active update of the automation broker via the Flex Object use case, we perform an update of the Asset configuration via the SOAR API to swtich the broker from A to B.
For users not using a Password Vault, SOAR handles any credential such as an API token, the token is salted in the data.
When performing the REST POST call to the API, we should remove any field in the JSON structure which starts with a "salt:" to avoid resetting this secret unexpectly, or the asset connectivity is lost.
This only applies to internal SOAR secret management, in the sense that SOAR customers using a Password Vault are not affected by this issue.
bug - SOAR Automation Broker high availability management - update of the broker will reset unexpectly any secrets of the assets for users not using a Password Vault