Domains / Security and Compliance/ Software System

Secrets Vault

HashiCorp Vault deployment managing secrets, API credentials, TLS certificates, and encryption keys for all platform services.

Software System Application active vendor

Secrets Vault is a high-availability HashiCorp Vault cluster auto-unsealed via GCP KMS. Provides dynamic secrets for database credentials, PKI for certificate issuance, and transit encryption for application-level data encryption. All services use Kubernetes auth method for zero-trust secret retrieval.

Relationships

Composes outgoing 1
Target Element Element Type
Vault API Software Subsystem
Realizes outgoing 1
Target Element Element Type
Secrets and Key Management Component
Realized by incoming 1
Source Element Element Type
Secrets and Key Management Component
Part of incoming 1
Source Element Element Type
Vault API Software Subsystem

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type Software System
Layer Application
Domain Security and Compliance
Status active
Sourcing vendor
Owner Security Team

Additional Metadata

Catalog Id SYS-SEC-004
System Type platform
Vendor HashiCorp Vault
Archimate Type application-component
C4 Type System
Togaf Type Application Component

Meta Model

Business
Organization
Application current
Technology

Actions