@iota-big3/sdk-security
Advanced security features including zero trust, quantum-safe crypto, and ML threat detection
/**
* Multi-Provider Secrets Manager
* Orchestrates secrets across HashiCorp Vault, AWS, Azure, GCP, and more
*/
import { EventEmitter } from 'events';
import { Certificate, CertificateConfig, DynamicSecretConfig, HealthStatus, MultiProviderConfig, RotationPolicy, Secret, SecretFilter, SecretLease, SecretMetadata, SecretsManager, SecretsProvider, SigningConfig } from './types';
/**
* Secrets manager that fronts several backing providers behind the single
* `SecretsManager` interface and reports itself as `SecretsProvider.CUSTOM`.
*
* This is a declaration only: private members are listed without types and no
* method bodies are visible. The notes below describe the declared contract and
* flag what has to be confirmed against the implementation.
*
* NOTE(review): the class extends EventEmitter, but the event names and
* payloads are not declared here. Verify that no emitted event carries secret
* values, since any listener would receive them.
*/
export declare class MultiProviderSecretsManager extends EventEmitter implements SecretsManager {
// Identifies this manager as a custom (composite) provider rather than one concrete backend.
readonly provider = SecretsProvider.CUSTOM;
// Private state; the declaration output carries no types for these members.
private config;
private providers;
private primaryProvider;
private isInitialized;
// Presumably capability flags matching the hasEncryptionSupport / hasPKISupport /
// hasDynamicSupport helpers below; confirm in the implementation.
private supportsEncryption;
private supportsPKI;
private supportsDynamic;
/**
* @param config Multi-provider configuration. A private `validateConfig` helper
* is declared below; whether the constructor calls it is not visible here.
*/
constructor(config: MultiProviderConfig);
/**
* Initialize all configured providers
*
* NOTE(review): behaviour when only some providers fail to initialize is not
* visible in the declaration; confirm whether that is an error or a degraded start.
*/
initialize(): Promise<void>;
/**
* Get secret - tries primary first, then fallback providers
*
* @param name Name of the secret to read.
* @param version Optional version selector.
*
* NOTE(review): a fallback read can only be as current as that provider's copy.
* Confirm whether a fallback may return a value that was already rotated or
* deleted on the primary, and whether the returned `Secret` records its source.
*/
getSecret(name: string, version?: string): Promise<Secret>;
/**
* Set secret - writes to primary and optionally syncs to others
*
* @param name Name of the secret to write.
* @param value Secret payload. Typed `any`, so the compiler does not check its
* shape; validation, if any, happens at runtime.
* @param metadata Optional partial metadata stored with the secret.
*
* NOTE(review): syncing copies the secret into additional backends, so each
* sync target needs access controls at least as strict as the primary's.
* Confirm what enables the sync and how a failed sync is reported.
*/
setSecret(name: string, value: any, metadata?: Partial<SecretMetadata>): Promise<void>;
/**
* Delete secret from all providers
*
* @param name Name of the secret to delete.
* @param permanent Optional flag; its default and the non-permanent behaviour
* (presumably a recoverable soft delete) are not visible here.
*
* NOTE(review): confirm how a partial failure is surfaced. A secret that
* survives on one provider could still be served by the fallback path of
* `getSecret`.
*/
deleteSecret(name: string, permanent?: boolean): Promise<void>;
/**
* List secrets from all providers
*
* Returns `SecretMetadata` entries rather than `Secret` objects.
*
* @param filter Optional filter restricting the listing.
*/
listSecrets(filter?: SecretFilter): Promise<SecretMetadata[]>;
/**
* Rotate secret
*
* NOTE(review): which providers receive the rotated value is not visible here;
* confirm that fallback providers are updated along with the primary.
*/
rotateSecret(name: string): Promise<void>;
/**
* Schedule rotation
*
* @param name Name of the secret to rotate on a schedule.
* @param policy Rotation policy to apply.
*/
scheduleRotation(name: string, policy: RotationPolicy): Promise<void>;
/**
* Get secret versions
*
* Returns version identifiers as strings; their ordering is not specified by
* the declaration.
*/
getSecretVersions(name: string): Promise<string[]>;
/**
* Rollback secret
*
* @param name Name of the secret to roll back.
* @param version Version identifier to restore.
*
* NOTE(review): a rollback can reactivate a previously replaced credential;
* confirm that it is audited like a write.
*/
rollbackSecret(name: string, version: string): Promise<void>;
/**
* Get bulk secrets
*
* @param names Names of the secrets to read.
*
* NOTE(review): behaviour for a name that does not exist (reject or omit) is
* not visible here.
*/
getBulkSecrets(names: string[]): Promise<Secret[]>;
/**
* Import secrets
*
* @param secrets Secrets to write. Which providers receive them is not visible
* in the declaration.
*/
importSecrets(secrets: Secret[]): Promise<void>;
/**
* Export secrets
*
* Returns full `Secret` objects (not `SecretMetadata`), presumably including
* the secret values. Treat the result as sensitive: keep it out of logs and
* error messages, and restrict who may call this.
*
* @param filter Optional filter restricting the export; the scope of an
* unfiltered export is not visible here.
*/
exportSecrets(filter?: SecretFilter): Promise<Secret[]>;
/**
* Health check all providers
*
* NOTE(review): how individual provider results are combined into the single
* `HealthStatus` is not visible here.
*/
healthCheck(): Promise<HealthStatus>;
/**
* Create dynamic secret (delegates to capable provider)
*
* Returns a `SecretLease`. Lease renewal and revocation are not part of this
* declaration.
*/
createDynamicSecret(config: DynamicSecretConfig): Promise<SecretLease>;
/**
* Encryption service methods (delegates to capable provider)
*
* `context` is presumably an encryption context bound to the ciphertext, in
* which case `decrypt` needs the same context that was given to `encrypt`;
* confirm against the provider. Its values are typed `any` and are not
* checked by the compiler.
*
* `generateDataKey` returns the key in both plaintext and wrapped form as
* strings; the encoding and the default for `bits` are not visible here.
* JavaScript strings are immutable and cannot be overwritten in place, so keep
* the plaintext key's lifetime short and persist only the `ciphertext` form.
*
* NOTE(review): behaviour when no configured provider supports encryption is
* not visible here; confirm the call rejects instead of returning its input.
*/
encrypt(plaintext: string | Buffer, context?: Record<string, any>): Promise<string>;
decrypt(ciphertext: string, context?: Record<string, any>): Promise<string | Buffer>;
generateDataKey(bits?: number): Promise<{
plaintext: string;
ciphertext: string;
}>;
/**
* PKI service methods (delegates to capable provider)
*
* `signCSR` takes the CSR as a string (presumably PEM; confirm).
* `revokeCertificate` identifies the certificate by serial number, with an
* optional free-form reason.
*
* NOTE(review): the declaration does not show whether the `Certificate` from
* `generateCertificate` includes the private key; if it does, handle the
* result as a secret.
*/
generateCertificate(config: CertificateConfig): Promise<Certificate>;
signCSR(csr: string, config: SigningConfig): Promise<Certificate>;
revokeCertificate(serial: string, reason?: string): Promise<void>;
/**
* Helper methods
*
* Private members; signatures are omitted from the declaration output, so
* only their names are visible.
*/
private validateConfig;
private createProvider;
private hasEncryptionSupport;
private hasPKISupport;
private hasDynamicSupport;
private findCapableProvider;
private syncSecret;
private startSync;
private performSync;
}
//# sourceMappingURL=secrets-manager.d.ts.map