Barbican

Create Secret Store Interface

Registered by Nathan Reller on 2014-04-24

The blueprint proposes creating a generic key store resource that will allow support for many new key stores including PKCS#11, PKCS#12, and KMIP. The current implementation of Barbican currently stores all of its keys in a database and does not provide an interface for storage outside of a database. This blueprint will allow keys to be stored on a hardware security device or a remote key store operated by a customer or third party.

Read the full specification

Blueprint information

Status:: Complete

Approver:: Douglas Mendizábal

Priority:: Medium

Drafter:: Nathan Reller

Direction:: Approved

Assignee:: Nathan Reller

Definition:: Approved

Series goal:: Accepted for juno

Implementation:: Implemented

Milestone target:: 2014.2

Started by: Douglas Mendizábal on 2014-07-10

Completed by: Douglas Mendizábal on 2014-07-10

Related branches

Related bugs

Sprints

ahmed

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/create-secret-store,n,z

Addressed by: https://review.openstack.org/94710
Add SecretStore interface

Addressed by: https://review.openstack.org/110386
Adds store_supports to secret_store

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information

Everyone can see this information.

Subscribers

Bruce A Rich

Priti Desai