Secure Secret Storage
Registered by
justinsb
(The only S3 you need to know)
Storing crypto secrets in Keystone, which are unlocked by the action of authenticating, so that the secret is not actually stored (unencrypted) anywhere.
Those secrets can then be used by any service authenticating with Keystone, so e.g. Swift can encrypt images.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Low
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Dolph Mathews
Related branches
Related bugs
Sprints
Whiteboard
https:/
Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments.
(?)