Secret Management Service

API Documentation:

Link to Code Coverage Page

The project will provide a Secret Management Service with the following features and capabilities:

  • Support multiple Secret domains

    • Each domain can be used for multiple secrets

    • Each domain is associated with various policies

  • Each secret can have multiple key-value pairs

  • Certificate-based authentication

  • Authenticate users with AAF

  • Token-based authentication

  • Securely store secrets using AES encryption

    • Use TPM/SGX for key storage if available

  • RESTful API support for ADD, UPDATE, DELETE of secrets

The diagram below illustrates the Secret Service high-level flow in an ONAP context.



The diagram below illustrates how a microservice will use the Secret Client Agent to talk to the Secret Service to store or retrieve passwords.