Re: Strategy for using credential vault with monaco

r_weber · ‎02 Jul 2025

I was wondering how others tackle the need of configuring e.g. workflows with monaco, where in some steps a credential needs to be loaded from the vault. And that accross multiple environments.

Example:
I create a workflow which uses at some point a credential from the vault. This is deployed via monaco, just fine. The credential ID is hardcoded and then used in the workflow:

"http_create_alerts": {
"name": "http_create_alerts",
...
"method": "POST",
"headers": {
"Content-Type": "application/json"
},
"payload": "...",
    "credential": {
    "type": "token",
    "tokenPrefix": "ApiToken",
    "credentialId": "CREDENTIAL-VAULT-12132323"
}

Now if i push this to another environment, where the credential (with same name) exists in the vault, this obviously won't work (the ID differs).

In the workflow definition I'd rather specify the credential NAME to fetch the right one, or even better manage the credential via monaco so that it can properly reference it's ID?

Does anyone have a strategy for that, maybe?

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

Julius_Loman · ‎04 Jul 2025

I use only overrides per environment . Entity lookups are, afaik, impossible with Monaco only. Entity lookup by name can be ambiguous. You create credential vault entries only once, so it should not be that difficult.
Having monaco parameter type of type entity lookup would be awesome anyway.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner