§Secret Access Control
Enterprise-grade secret access control to address:
- Risk #33: Secrets accessible by too many internal services
§Features
- Service Identity Verification: Authenticate services via mTLS certificates
- Principle of Least Privilege: Grant minimum required permissions
- Service-Specific Secret Scoping: Secrets scoped to specific services
- Access Audit Logging: Log all secret access attempts
- Role-Based Access Control (RBAC): Define roles and permissions
- Secret Access Policies: Fine-grained access control policies
- Access Request Workflow: Approval workflow for sensitive secrets
- Temporary Access Grants: Time-limited secret access
Structs§
- AccessAuditLog - Access audit log
- AccessGrant - Access grant
- AccessRequest - Access request
- InMemorySecretAccessStorage - In-memory storage for testing
- SecretAccessControlManager - Secret access control manager
- SecretScope - Secret scope
- ServiceIdentity - Service identity
Enums§
- AccessRequestStatus - Access request status
- AccessResult - Access result
- AccessType - Access type
- Environment - Environment
- SecretAccessError - Errors that can occur in secret access control
- SecretType - Secret type
- ServiceType - Service type
- TrustLevel - Trust level
Traits§
- SecretAccessStorage - Storage trait for secret access control