Updated on 2024-03-27 GMT+08:00

Functions

CSMS is a secure, reliable, and easy-to-use secret hosting service. Users or applications can use CSMS to create, retrieve, update, and delete credentials in a unified manner throughout the secret lifecycle. CSMS can help you eliminate risks incurred by hardcoding, plaintext configuration, and permission abuse.

Unified Secret Management

Applications and business systems have a large number of secrets and are difficult to manage.

CSMS can store, retrieve, and use secrets in a unified manner throughout their lifecycles.

Perform the following operations to manage secrets using CSMS:

  1. Collect secrets.
  2. Upload the secrets to CSMS.

Secure Secret Retrieval

Many applications store plaintext secrets, such as passwords, tokens, certificates, SSH keys, and API keys, in their configuration files to be used for authentication when they access databases or other services. Plaintext and hardcoded secrets are prone to breach and incur security risks.

CSMS allows users to dynamically query secrets via APIs instead of hardcoding the secrets, greatly reducing breach risks.

Perform the following operations to manage secrets using CSMS:

When an application reads its configurations, it calls CSMS APIs to retrieve secrets. Neither hardcoded nor plaintext secrets are required.

CSMS Basic Features

Table 1 CSMS basic features

Function

Description

Secret lifecycle management

  • Create, view, and schedule and cancel the deletion of secrets.
  • Change the secret encryption key and description.

Secret version management

  • Create and view secret versions.
  • View secret values.

Secret version status management

Update, query, and delete secret versions.

Secret tag management

Add, search for, edit, and delete tags.