Open moisesguimaraes opened 6 years ago
So let me try to give you pointers I can figure out right away:
Now to the once I do not understand:
Finally note that Custodia is not really meant to store secrets, although it has sample code for doing that, it's core strenght is in giving you a simple REST API and a pluggable service that can be easily routed and transformed as needed, for segmentation/performance/other reasons.
Hi @simo5,
Thanks for your help!
Maintenance burden means that features we'd like to have or bug fixes would have to be implemented by our team. We have in our team people contributing to custodia already. This issue is basically to figure out the FreeIPA Vault column. As freeipa/freeipa doesn't support issues, I was redirected to this repo at #freeipa irc channel.
Thanks also for highlighting that Custodia isn't meant to store secrets, I wasn't aware of that.
If you have questions concerning IPA vault, feel free to write a mail to the FreeIPA users mailing list. You can find information about the list on https://www.freeipa.org/page/Contribute
FreeIPA doesn't use github for issues. It's using pagure as issue tracker. The issue tracker is for bugs and feature requests. General questions should go on the users mailing list.
Hi all o/
I'm working on a research to select a secret management solution to protect secrets on TripleO (OpenStack installer). The main goal is to secure secrets from the undercloud (undercloud-passwords.conf) ansible playbooks, hiera/puppet, openstack configuration files, and any other secret we have there.
This is the data I have collected so far, the lines are explained after the table:
[ansible | hiera ] integration: can I retrieve a protected secret to a variable in an ansible playbook or chef recipe?
[ castellan | barbican ] integration: can this secret manager act as a backend to castellan or barbican?
comunity: where can I find help?
[RDO, RHEL, Fedora, CentOS] packages: are there packages available in this systems?