You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@camel.apache.org by Luca Burgazzoli <lb...@gmail.com> on 2017/03/16 18:08:43 UTC
Add a "vault" for secrets to camel
Hello,
would it make sense to have a sort of "vault service" in camel to
store/retrieve secrets with support for common patterns ?
i.e.
- we can store an auth tokens and delegate to the vault to be notified
about its expiration or to renew it when needed (by registering some
functions/callbacks)
- we can provide different backends to provide secrets like for
kubernetes secrets, hashicorp's vault, etc (with support for
notification if the backend supports it)
- we can use the vault as properties source if someone prefix a
property with vault like {{vault:db.password}}
---
Luca Burgazzoli
Re: Add a "vault" for secrets to camel
Posted by Luca Burgazzoli <lb...@gmail.com>.
Logged a JIRA https://issues.apache.org/jira/browse/CAMEL-1103 for the
next release.
I would like to have a way for components to register functionalities
for the vault like backends or flows (i.e. we may create a camel-jwt
to support JSON Web Token flow) etc so feel free to add subtasks for
specific flows/functionalities.
---
Luca Burgazzoli
On Thu, Mar 16, 2017 at 11:46 PM, Zoran Regvart <zo...@regvart.com> wrote:
> Luca,
>
> I think this is a great idea, would love to contribute to it.
>
> zoran
> --
> Zoran Regvart
Re: Add a "vault" for secrets to camel
Posted by Zoran Regvart <zo...@regvart.com>.
Luca,
I think this is a great idea, would love to contribute to it.
zoran
--
Zoran Regvart
Re: Add a "vault" for secrets to camel
Posted by Claus Ibsen <cl...@gmail.com>.
Hi
Yeah at first though this sound like a great idea.
On Thu, Mar 16, 2017 at 7:08 PM, Luca Burgazzoli <lb...@gmail.com> wrote:
> Hello,
>
> would it make sense to have a sort of "vault service" in camel to
> store/retrieve secrets with support for common patterns ?
>
> i.e.
> - we can store an auth tokens and delegate to the vault to be notified
> about its expiration or to renew it when needed (by registering some
> functions/callbacks)
> - we can provide different backends to provide secrets like for
> kubernetes secrets, hashicorp's vault, etc (with support for
> notification if the backend supports it)
> - we can use the vault as properties source if someone prefix a
> property with vault like {{vault:db.password}}
>
>
>
> ---
> Luca Burgazzoli
--
Claus Ibsen
-----------------
http://davsclaus.com @davsclaus
Camel in Action 2: https://www.manning.com/ibsen2