Kibana Workflows and secrets

Elastic Stack Kibana
1

Hello,

I’ve been experimenting with Kibana Workflows and really like the direction. It’s a powerful addition for automation and enrichment use cases.

One thing I’m currently struggling with is securely handling secrets (e.g. API keys) in workflows.

At the moment:

  • inputs are visible at runtime

  • consts are stored in plaintext in the workflow definition

  • There doesn’t seem to be a native way to reference Connectors or other encrypted secret stores from within a workflow step

This makes it difficult to safely implement common use cases like external enrichment (e.g. VirusTotal, AbuseIPDB) without exposing secrets or introducing workarounds (proxy services, manual input, etc.).

Is there currently a supported way to abstract or securely reference secrets in Workflows?

It would be great if workflows could:

  • Reuse existing Connectors (like alerting does), or

  • Reference secrets stored as encrypted saved objects

Thanks!

image
image734×604 73.4 KB

2

Hey @willemdh , thanks for giving workflows a go!

This is an improvement we're adding in the very next release. You can already use connectors in 9.3, but in the next release we're adding a new HTTP connector type which has full secret support.

image
image1920×1053 167 KB

1 Like
3

image
image1994×496 54.4 KB

1 Like
4

Good to know this is already planned. :slight_smile:

Looks exactly what we would need to start using Workflows!