Barbican API
E699744
Barbican API is OpenStack’s key management service interface used to securely store, manage, and retrieve secrets such as encryption keys, passwords, and certificates in cloud environments.
Statements (53)
| Predicate | Object |
|---|---|
| instanceOf |
OpenStack component
ⓘ
key management service API ⓘ |
| alsoKnownAs | OpenStack Barbican API NERFINISHED ⓘ |
| authenticatesWith | Keystone NERFINISHED ⓘ |
| canUse |
HSM backends
ⓘ
KMIP-compatible key managers ⓘ software crypto backends ⓘ |
| deploymentModel | service in an OpenStack control plane ⓘ |
| designedFor | OpenStack-based clouds ⓘ |
| documentation | https://docs.openstack.org/barbican/latest/ ⓘ |
| governedBy | OpenStack community ⓘ |
| hasComponent |
Barbican API service
NERFINISHED
ⓘ
Barbican database ⓘ Barbican keystone listener ⓘ Barbican worker ⓘ |
| implements | OpenStack key management service interface ⓘ |
| integratesWith |
OpenStack Cinder
NERFINISHED
ⓘ
OpenStack Glance NERFINISHED ⓘ OpenStack Keystone NERFINISHED ⓘ OpenStack Neutron VPNaaS NERFINISHED ⓘ OpenStack Nova NERFINISHED ⓘ OpenStack Octavia NERFINISHED ⓘ |
| license | Apache License 2.0 ⓘ |
| manages |
certificates
ⓘ
encryption keys ⓘ opaque secrets ⓘ passwords ⓘ |
| partOf | OpenStack NERFINISHED ⓘ |
| programmingLanguage | Python ⓘ |
| provides |
ACLs for secrets
ⓘ
certificate management ⓘ container-based grouping of secrets ⓘ key management ⓘ project-scoped secret storage ⓘ secret management ⓘ |
| purpose |
management of secrets
ⓘ
retrieval of secrets ⓘ secure storage of secrets ⓘ |
| repository | https://opendev.org/openstack/barbican ⓘ |
| securityFeature |
controlled access to secrets
ⓘ
multi-tenant isolation of secrets ⓘ secure secret storage at rest ⓘ |
| supports |
JSON payloads
ⓘ
RESTful HTTP interface ⓘ X.509 certificates ⓘ asymmetric keys ⓘ certificate signing requests ⓘ pagination of API results ⓘ plugin-based secret store backends ⓘ role-based access control via Keystone ⓘ secret metadata ⓘ symmetric keys ⓘ |
| usedIn | cloud environments ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.