Expand description
Secrets management for secure key storage and retrieval.
This module provides a pluggable secrets management system with support for multiple backends including environment variables, HashiCorp Vault, and AWS Secrets Manager.
§Feature Flags
crypto- Enables secure key derivation and encryption of cached secrets
§Example
ⓘ
use ringkernel_core::secrets::{SecretStore, EnvVarSecretStore, SecretKey};
// Using environment variables (for development)
let store = EnvVarSecretStore::new("MYAPP_");
let api_key = store.get_secret(&SecretKey::new("api_key")).await?;
// Using HashiCorp Vault (for production)
let vault = VaultSecretStore::new("https://vault.example.com:8200")
.with_token_auth(env::var("VAULT_TOKEN")?)
.with_mount_path("secret/data/myapp");
let db_password = vault.get_secret(&SecretKey::new("database/password")).await?;Structs§
- Cached
Secret Store - A wrapper that adds caching to any secret store.
- Chained
Secret Store - A secret store that chains multiple stores, trying each in order.
- EnvVar
Secret Store - Secret store backed by environment variables.
- InMemory
Secret Store - In-memory secret store for testing.
- KeyRotation
Manager - Manages automatic key rotation for encryption keys.
- Secret
Key - A key identifying a secret in the store.
- Secret
Value - A secret value retrieved from the store.
Enums§
- Secret
Error - Error type for secret store operations.
Traits§
- Secret
Store - Trait for pluggable secret storage backends.
Type Aliases§
- Secret
Result - Result type for secret store operations.