Secret providers

Note

This feature is available in Enterprise and AWS editions only.

CloudBeaver supports external secret managers to store connection credentials outside the application.

Instead of entering connection details manually, you store them in your secret provider and reference the secret by name when creating a connection. CloudBeaver retrieves the values at runtime and applies them automatically.

Typical workflow:

Create a secret in your external provider - see Secret requirements for field requirements.
Configure a secret provider in CloudBeaver - see Set up secret providers.
Create a connection and enter the secret name.

Tip

See step-by-step example for creating and using a secret.

Supported providers¶

Secret manager	Description	Documentation
AWS Secrets Manager	Managed service from AWS for storing and retrieving secrets securely. Requires IAM permissions.	AWS documentation
AWS Systems Manager Parameter Store	AWS service for storing configuration data and secrets. Integrates with IAM and supports encryption via KMS.	AWS documentation
HashiCorp Vault	Open-source tool for managing secrets and protecting sensitive data. Supports fine-grained access control.	HashiCorp documentation
CyberArk	Enterprise-grade security platform designed for managing privileged access and secrets.	CyberArk documentation

DBeaver Enterprise

DBeaver Ultimate

DBeaver Lite

CloudBeaver Enterprise

DBeaver Team Edition

dbvr

See DBeaver in action

Buy

License types

Academic licenses

Choose your product

DBeaver Desktop Products