ManagedVault Connectors

The ManagedVault subsystem provides enterprise-grade secret management with access controls.

Available Connectors

SecretManagerManagedVault

Role: AWS Secrets Manager with managed access
Summary: Provides managed secret storage using AWS Secrets Manager with fine-grained access control and audit capabilities.

Example Configuration:

import { SRE } from '@smythos/sre';

SRE.init({
    ManagedVault: {
        Connector: 'SecretManagerManagedVault',
        Settings: {
            region: 'us-east-1',
            vaultName: 'my-managed-vault',
            awsAccessKeyId: process.env.AWS_ACCESS_KEY_ID,
            awsSecretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
        },
    },
});
Copy

Use Cases:

• Enterprise secret management
• Managed access controls
• Audit and compliance requirements
• Multi-tenant secret isolation
• AWS-integrated environments

Security Features:

• Automatic encryption at rest using AWS KMS
• Fine-grained IAM access control
• Audit logging through CloudTrail
• Automatic secret rotation capabilities
• Cross-region replication support

NullManagedVault

Role: No-operation managed vault connector
Summary: Provides a null implementation for managed vault operations. Used when managed secrets are not required.

Example Configuration:

import { SRE } from '@smythos/sre';

SRE.init({
    ManagedVault: {
        Connector: 'NullManagedVault',
        Settings: {},
    },
});
Copy

Use Cases:

• Development environments
• Applications without managed secrets
• Testing scenarios
• External secret management
• Simplified deployments

Managed Vault vs Regular Vault

Regular Vault: Basic secret storage and retrieval Managed Vault: Enterprise features with:

• Access control policies
• Audit logging
• Multi-tenant isolation
• Advanced security features
• Compliance requirements