Late-Binding Secrets

When you store a secret in your Tuono vault, we take great care to protect that secret. Not only does every Organization have its own dedicated vault instance, but we have also minimized the amount of code that requires access to the secrets in your vault in order to complete operations. This ensures that your secrets cannot leak into our logs, since well over 99% of our code never sees a secret.

Here's how late-binding secrets work:

When we execute blueprints against a cloud, we use the cloud vendor's API to configure their infrastructure as described by the blueprint. We have written an intermediary wrapper around the Venue's (cloud provider's) API so that whenever a call is made through it we can perform certain critical tasks, such as:

  • Have test code that pretends to be the cloud vendor.

  • Inject the secret values from the Secret Vault directly into the API call.

  • Record all the API calls (but not the secret payload) in an audit log.

The code responsible for reading the secrets referenced in the blueprint and injecting them into the API call is very small, and it is the very last bit of our code to run (hence late-binding) before we invoke the cloud vendor's API.
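The wrapper design described above, as an added illustration that is not Tuono's own code: a fake vendor API for tests, a wrapper that resolves `{{secret:name}}` references (an assumed placeholder syntax) only at the moment of the vendor call, and an audit log that records the reference rather than the secret value. The vault is stood in for by a plain dictionary and the sample blueprint step is constructed for the example.

```python
import re

# Assumed placeholder syntax for a secret reference inside a blueprint value
# (an assumption for this example, not Tuono's own reference format).
SECRET_REF = re.compile(r"^\{\{secret:([A-Za-z0-9_.-]+)\}\}$")


class FakeVendorAPI:
    """Test double standing in for the cloud vendor's API (first bullet above)."""
    def __init__(self):
        self.calls = []  # (operation, params) exactly as the vendor would receive them

    def call(self, operation, params):
        self.calls.append((operation, dict(params)))
        return {"status": "ok"}


class LateBindingWrapper:
    """Intermediary around the vendor API. Blueprint values travel through the
    system as references and are resolved to real secret values only inside
    invoke(), immediately before the vendor call (second and third bullets)."""

    def __init__(self, vendor, vault):
        self._vendor = vendor
        self._vault = vault      # secret name -> value; stands in for the vault
        self.audit_log = []      # must never contain a secret value

    def invoke(self, operation, params):
        bound = {}
        for key, value in params.items():
            match = SECRET_REF.match(value) if isinstance(value, str) else None
            if match is None:
                bound[key] = value
                continue
            name = match.group(1)
            if name not in self._vault:  # fail closed; name the reference, never a value
                raise KeyError("unknown secret reference: %s" % name)
            bound[key] = self._vault[name]  # the single point where a secret is read
        # Audit entry keeps the reference-only params: which secret, which call, no payload.
        self.audit_log.append({"operation": operation, "params": dict(params)})
        return self._vendor.call(operation, bound)


def demo():
    """Constructed sample: one blueprint step whose admin password lives in the vault."""
    vault = {"db-admin-pw": "constructed-sample-password"}
    vendor = FakeVendorAPI()
    wrapper = LateBindingWrapper(vendor, vault)
    wrapper.invoke("create_database",
                   {"name": "orders-db", "admin_password": "{{secret:db-admin-pw}}"})
    return wrapper, vendor
```

After `demo()` runs, the fake vendor holds the real password while the audit log holds only `{{secret:db-admin-pw}}`, which is the property the late-binding step is meant to guarantee.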
