Secrets Management (dsec)

gopass + age + Vault integration

← SECURITY | Portfolio Index

Category

SECURITY

Status

Operational

Premise

Secure secrets handling workflow

Goals

Zero plaintext secrets anywhere
Automated rotation via Vault
Backup to multiple encrypted locations

Current State

Production - dsec CLI operational

Next Steps

Add Vault dynamic secrets integration
Implement M-DISC cold storage

Related Documentation

Architecture Notes

gopass → age encrypt → Vault backup

Notes