Key Management
Reliable and Secure OpenStack Key Management.
What you’ll get
Users can seamlessly secure their data while maintaining its accessibility, without the burden of managing their keys personally. OpenStack’s key management service, Barbican, addresses user concerns over privacy or misuse of data.
Provides Secure Storage, Provisioning and Management of Secrets
Employ OpenStack’s key management for all of your secret’s security, provisioning, and management needs.
Plug-In Based Architecture
This plugin architecture enables users to store their secrets in one or more secret stores. These secret stores can be software-based, meaning they can be in the form of a software token, or based in hardware devices such as a Hardware Security Module (HSM).
Storage & Management
The secrets that can be stored and managed through OpenStack’s key management are passwords, encryption keys as well as X.509 certificates.
Integrates Seamlessly With All Other Offered Cloud Services
Take advantage of key management’s uncomplicated integration with OpenStack’s enterprise-grade cloud service offerings.
Block Storage
Key management stores encryption keys for encrypted volumes through simplified integration with OpenStack’s block storage service.
Keystone
Seamlessly integrates with OpenStack’s identity authentication service for complete role-based access control.
Image Storage
Easily integrates with OpenStack’s image storage service for signed images, making it possible for users to verify that no alterations were made to an uploaded image.
Object Storage
Key management enables the encryption of data at rest through integration with OpenStack’s object storage service.
Integrates Easily With Third-Party HSMs Through PKCS#11
OpenStack’s key management enables users to integrate with third-party Hardware Security Modules (HSMs) through the PKCS#11 plugin.
Optimal KEK
Your secrets are encrypted and decrypted through project-specific KEKs (Key Encryption Key) residing in your third-party HSM.
Increasingly Secure
Because each project uses a different Key Encryption Key stored inside the selected HSM, as opposed to the plaintext within the configuration file, the PKCS#11 plugin is much more secure than the simple crypto plugin.
Take advantage of our expertise! VEXXHOST is OpenStack Certified.
Our cloud services contain OpenStack software that has been validated through testing to provide API compatibility for OpenStack core services.
Get Started With Private Cloud
Why OpenStack
Learn about some key benefits using OpenStack
LATEST BLOG POSTS & NEWS.
NVMe Storage – Understanding the Protocol That Redefines Storage Architecture
VEXXHOST has adopted NVMe Storage for our Montreal region recently. In this context, here is an overview of the storage protocol. Read more.
AMD EPYC™ Gen 2 Processors Are Truly Epic and Here’s How
AMD EPYC™ Gen 2 Processor set benchmarks with its many benefits. VEXXHOST has adopted the tech for our Montreal region. Get to know everything about these revolutionary processors. Read more.
OpenStack Victoria is Here! Let’s Get To Know Version 22
The 22nd iteration of OpenStack, OpenStack Victoria, was released recently. VEXXHOST is running the latest version for its cloud operations and services across the world. Read more.
Open Infrastructure Summit 2020 – Recap of the First-Ever Virtual Summit
The Open Infrastructure Summit 2020 was held virtually and there were many exciting things that happened, including the foundation's name change and VEXXHOST's public cloud revamp. Here's a quick recap.