Domains / Security and Compliance/ Component

Secrets and Key Management

Provides centralized management of encryption keys, TLS certificates, secrets, and service credentials used across all platform services.

Component Application active vendor

Secrets and Key Management is the platform's single point of authority for cryptographic material. All services retrieve secrets at startup via Vault agent injection rather than environment variables. Key rotation is automated via GCP KMS-backed Vault unsealing.

Relationships

Composes outgoing 1
Target Element Element Type
Security and Compliance Domain
Realizes outgoing 2
Target Element Element Type
Secrets Vault Software System
Identity and Access Management Business Capability
Serves outgoing 1
Target Element Element Type
Secrets Vault API API Contract
Owns outgoing 1
Target Element Element Type
Encryption Key Aggregate Data Aggregate
Part of incoming 1
Source Element Element Type
Security and Compliance Domain
Realized by incoming 2
Source Element Element Type
Secrets Vault Software System
Secrets Vault API API Contract
Owned by incoming 1
Source Element Element Type
Encryption Key Aggregate Data Aggregate

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type Component
Layer Application
Domain Security and Compliance
Status active
Sourcing vendor
Owner Security Team

Additional Metadata

Archimate Type application-function
Ddd Type Bounded Context
Togaf Type Information System Service
Emm Type Logical IS Component

Meta Model

Business
Organization
Application current
Technology

Actions