Overview of CredHub Service Broker

CredHub Service Broker allows apps running on VMware Tanzu Application Service for VMs (TAS for VMs) to access secure credentials in CredHub.

Apps can use these credentials to authenticate with services not on TAS for VMs, including services running on Tanzu Operations Manager such as Spring Cloud Services and services external to Tanzu Operations Manager.

The CredHub Service Broker uses secure binding credentials to prevent credential exposure in the app environment.

Overview

The CredHub Service Broker registers a service broker with TAS for VMs and exposes its service plans on the Marketplace. Developers can then create service instances using Apps Manager or the Cloud Foundry Command Line Interface (cf CLI) and bind them to their apps.

Creating a CredHub Service Broker instance and binding it to an app creates a credential in CredHub and provides the reference to that credential in the app environment. This allows developers to deploy apps that can securely access credentials for services that are not running on TAS for VMs.

Key Feature

The key feature of CredHub Service Broker is secure access to service credentials for services that are not running on TAS for VMs.

Product Snapshot

The following table provides version and version-support information about the v1.6 release line of CredHub Service Broker.

The following table provides version and version-support information about the v1.5 release line of CredHub Service Broker.

Requirements

CredHub Service Broker has the following requirement:

• Secure binding credentials enabled in runtime CredHub

To enable secure binding credentials in runtime CredHub, see Securing Services Instance Credentials with Runtime CredHub.