To help you build a New Relic application, we provide you with the New Relic One SDK. On this page, you’ll learn how to use NerdStorageVault to store data in an encrypted storage solution.
Using NerdStorageVault in your apps
NerdStorageVault is used to store and retrieve sensitive secrets data such as:
- personal access tokens
- license keys
- API keys
- other third party secrets
Tip
NerdStorageVault is encrypted with AES-256 encryption
Usage considerations
- This storage is unique per Nerdpack, and can't be shared with any other Nerdpack.
- NerdStorageVault can currently only be used within the context of a Nerdpack.
- You cannot make a direct query or mutation to NerdStorageVault.
- You can explore the fields and response types via the NerdGraph API explorer.
- The only supported scope is ACTOR, or data that relates to a particular user.
Component library
Currently NerdStorageVault is available in the alpha release of Nr1 Community component library and is not available in the Nr1 core components library. Open source components can be use to augment Nr1 core components for additional functionality.
NerdGraph queries
Below are examples of the queries used by the components to interact with NerdStorageVault.
Tip
NerdStorageVault can currently only be used within the context of a Nerdpack.Write
mutation { nerdStorageVaultWriteSecret( scope: { actor: CURRENT_USER } secret: { key: "test", value: "secret_test" } ) { status errors { message type } }}
Delete
mutation { nerdStorageVaultDeleteSecret( scope: { actor: CURRENT_USER } key: "test_key" ) { status errors { message type } }}
Fetch a single secret
query { actor { nerdStorageVault { secret(key: "test_key") { key value } } }}
Fetch a list of secrets
query { actor { nerdStorageVault { secrets { key value } } }}
Limits
- A secret value is limited to 5000 characters.
- A key value is limited to 64 characters.
- A key value must only include alphanumeric, '_' or '-' characters
Permissions for working with NerdStorageVault
In order to persist changes to NerdStorageVault, such as writing, deleting, and fetching data, you must have a user role with permission to persist changes.