Domains / Security and Compliance/ API Endpoint

Vault Secrets Read

HashiCorp Vault API endpoint for retrieving secrets, generating dynamic credentials, and performing transit encryption operations.

API Endpoint Application active

The Vault API path /v1/secret/data/{path} handles KV-v2 secret reads. Platform services authenticate via the Kubernetes auth method (/v1/auth/kubernetes/login). Dynamic database credentials are issued via /v1/database/creds/{role} with a configurable TTL and automatic revocation on token expiry.

Relationships

Composes outgoing 1
Target Element Element Type
Vault API Software Subsystem
Part of incoming 1
Source Element Element Type
Vault API Software Subsystem
Realized by incoming 1
Source Element Element Type
Secrets Vault API API Contract

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type API Endpoint
Layer Application
Domain Security and Compliance
Status active
Owner Security Team

Additional Metadata

Api Catalog Id EP-SEC-006
Protocol REST
Auth Method mTLS
Archimate Type application-interface
Ddd Type Application Service
Togaf Type Information System Service

Meta Model

Business
Organization
Application current
Technology

Actions