Secure Vault

Stores keypairs and passwords; provides key download. Secure Vault can be accessed using the alias secure-vault. The Secure Vault service is a container for all credentials in the system.

Credentials will be available only in environments that the service is bound to, thus, please be cautious with services configuration. Credentials are stored and passed on wire in encrypted form. The only way to make them available outside of the system (in plain text) is to use publish-private-key, which makes them available for download directly from the controller.

Service Descriptor

get-public-key:      send-command(string id => string fingerprint, string publicKey)
publish-private-key: send-command(string id => string url)

Commands

Name Definition
get-public-key Get key metadata in OpenSSH format.
publish-private-key Returns URL that can be used only once, and is downloaded directly from the controller.

If the keypair ID is not provided, or the keypair does not contain the given ID, the commands will return a failure reason in the failure response.