CredHub Service Broker for PCF

The CredHub Service Broker for PCF allows apps running on Pivotal Application Service (PAS) to access secure credentials in CredHub.

Apps can use these credentials to authenticate with services not on PAS, including services running within PCF such as Spring Cloud Services for PCF and services external to PCF.

The CredHub Service Broker for PCF uses secure binding credentials to prevent credential exposure in the app environment.

Overview

The CredHub Service Broker for PCF registers a service broker with PCF and exposes its service plans on the Marketplace. Developers can then create service instances using Apps Manager or the Cloud Foundry Command Line Interface (cf CLI) and bind them to their apps.

Creating a CredHub Service Broker instance and binding it to an app creates a credential in CredHub and provides the reference to that credential in the app environment. This allows developers to deploy apps that can securely access credentials for services that are not running on PAS.

Key Features

CredHub Service Broker for PCF includes the following key features:

  • Secure access to service credentials for services that are not running on PAS.

Product Snapshot

The following table provides version and version-support information about CredHub Service Broker for PCF.

Element Details
Tile version v1.4.8
Release date July 23, 2020
Software component version v1.4.8
Compatible Ops Manager versions 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, and 2.10
Compatible VMware Tanzu Application Service for VMs versions 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, and 2.10
IaaS support AWS, Azure, GCP, OpenStack, and vSphere
IPsec support? Yes

Requirements

CredHub Service Broker for PCF has the following requirement:

  • Secure binding credentials enabled in runtime CredHub

To enable secure binding credentials in runtime CredHub, see Securing Services Instance Credentials with Runtime CredHub (Beta).