Add a "vault" for secrets to camel

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Add a "vault" for secrets to camel

lburgazzoli
Hello,

would it make sense to have a sort of "vault service" in camel to
store/retrieve secrets with support for common patterns ?

i.e.
- we can store an auth tokens and delegate to the vault to be notified
about its expiration or to renew it when needed (by registering some
functions/callbacks)
- we can provide different backends to provide secrets like for
kubernetes secrets, hashicorp's vault, etc (with support for
notification if the backend supports it)
- we can use the vault as properties source if someone prefix a
property with vault like {{vault:db.password}}



---
Luca Burgazzoli
Reply | Threaded
Open this post in threaded view
|

Re: Add a "vault" for secrets to camel

Claus Ibsen-2
Hi

Yeah at first though this sound like a great idea.



On Thu, Mar 16, 2017 at 7:08 PM, Luca Burgazzoli <[hidden email]> wrote:

> Hello,
>
> would it make sense to have a sort of "vault service" in camel to
> store/retrieve secrets with support for common patterns ?
>
> i.e.
> - we can store an auth tokens and delegate to the vault to be notified
> about its expiration or to renew it when needed (by registering some
> functions/callbacks)
> - we can provide different backends to provide secrets like for
> kubernetes secrets, hashicorp's vault, etc (with support for
> notification if the backend supports it)
> - we can use the vault as properties source if someone prefix a
> property with vault like {{vault:db.password}}
>
>
>
> ---
> Luca Burgazzoli



--
Claus Ibsen
-----------------
http://davsclaus.com @davsclaus
Camel in Action 2: https://www.manning.com/ibsen2
Reply | Threaded
Open this post in threaded view
|

Re: Add a "vault" for secrets to camel

Zoran Regvart-2
Luca,

I think this is a great idea, would love to contribute to it.

zoran
--
Zoran Regvart
Reply | Threaded
Open this post in threaded view
|

Re: Add a "vault" for secrets to camel

lburgazzoli
Logged a JIRA https://issues.apache.org/jira/browse/CAMEL-1103 for the
next release.

I would like to have a way for components to register functionalities
for the vault like backends or flows (i.e. we may create a camel-jwt
to support JSON Web Token flow) etc so feel free to add subtasks for
specific flows/functionalities.


---
Luca Burgazzoli


On Thu, Mar 16, 2017 at 11:46 PM, Zoran Regvart <[hidden email]> wrote:
> Luca,
>
> I think this is a great idea, would love to contribute to it.
>
> zoran
> --
> Zoran Regvart