Service Certificate – STACKIT Secrets Manager

Service name

STACKIT Secrets Manager

High level service description

STACKIT Secrets Manager (“Secrets Manager”) is a managed service that provides a secure key-value store for sensitive data (such as passwords, configuration files and texts; hereinafter referred to as “Secrets”). It enables the protection and management of Secrets. The Secrets Manager provides an API that enables easy integration into applications and workflows. This allows the separation of source code and Secrets, and compliance requirements can be implemented.

Key Features

• Storage of secrets according to security requirements (e.g., separation of source code and Secrets)
• The customer can order a Secrets Manager fast and simply using the self-service user interface in the STACKIT Portal
• Secrets can be managed via a user-friendly configuration interface and API
• Traceability of changes through versioning of individual Secrets
• High availability guarantees the safe operation of the Secrets Manager
• Pre-configured auto-update functions keep components up-to-date

Service plans

The Secrets Manager automatically scales in the number of Secrets, Secret Versions and users. A new Secret Version is automatically created each time changes are made to the Secret.

The following limitations apply:

• the number of API accesses per Secrets Manager is limited to 10,000 accesses per hour
• up to 100 users can be created per Secrets Manager
• up to 1 MB of text can be stored in the form of key-value pairs for each Secret Version

Metric

• Billing takes place by the hour according to the number of Secret Versions.

SLA Specifics

• Secrets Manager is considered available as long as the API and configuration interface are accessible at the service delivery point.

Backup

• There is no customer-specific backup. The Secrets Manager automatically saves a preconfigured number of Secret Versions (unlimited by default). If a version limit is set and exceeded the oldest versions will be deleted.

Additional Terms

• The customer is responsible for the configuration of Secrets Manager (in particular the management of accounts and version limit).

Version 1.3, valid from March 4th 2025