custodia

Modular and pluggable Secrets Manager

Custodia allows one to serve retrieve, manage and store secrets for other applications. It is useful for distributed, stateless applications that use an image file base approach for instantiation like container based images. But it is alaso useful to manage distribution of key material across a multiple machines over a network.

python-custodia

Sub-package with python2 custodia modules

Custodia is a Secrets Service Provider, it stores or proxies access to keys, password, and secret material in general. Custodia is built to use the HTTP protocol and a RESTful API as an IPC mechanism over a local Unix Socket. It can also be exposed to a network via a Reverse Proxy service assuming proper authentication and header validation is implemented in the Proxy. Custodia is modular, the configuration file controls how authentication, authorization, storage and API plugins are combined and exposed.