LIFECYCLE MANAGEMENT OF SECRETS ON SERVERLESS PLATFORM
Main authors: | , , , |
---|---|
Format: | Patent |
Language: | chi ; eng |
Summary: | An orchestration engine intermittently scans secrets, of different secret types, to identify secrets that are to be rotated. The orchestration engine calls an application programming interface (API) exposed by a serverless management system and wakes up the serverless management system. The serverless management system generates a new secret, stores the new secret for rotation, and interacts with a dependent system in order to revoke an old secret and implement the new secret. Once the secret is rotated, and the new secret is implemented, the orchestration engine stores the new secret in a secret store. |