Service Certificate – STACKIT Secrets Manager

Service Name

STACKIT Secrets Manager

High level service description

STACKIT Secrets Manager (“Secrets Manager”) is a managed service that provides a secure key-value store for sensitive data (such as passwords, configuration files and text). It enables the protection and management of secrets. The Secrets Manager provides an API that enables easy integration into applications and workflows. This allows the separation of source code and secrets, and compliance requirements can be implemented.

Key Features

• Storage of secrets according to security requirements (e.g., separation of source code and Secrets)
• The customer can order a Secrets Manager fast and simply using the self-service user interface in the STACKIT portal
• Secrets can be managed via a user-friendly configuration interface and API
• Traceability of changes through versioning of individual secrets
• High availability guarantees the safe operation of the Secrets Manager
• Pre-configured auto-update functions keep components up-to-date

Service Plans

The Secrets Manager automatically scales in the number of secrets and users, there are no fixed service plans.

The following limitations apply:

• the number of API accesses is limited to 10,000 accesses per hour
• up to 100 users can be created per Secrets Manager
• five versions are saved per secret

Metric

• Billing takes place by the hour according to the number of secrets, starting with a minimum of 50.

SLA Specifics

• Secrets Manager is considered available as long as the API and configuration interface are accessible at the service delivery point.

Backup

There is a system backup of configuration files and databases. The Secrets Manager saves the last five versions of a secret. These can be restored in self-service.

Additional Terms

• The customer is responsible for the configuration of Secrets Manager (in particular the management of accounts)

Version 1.1