Overview

Password Vault is a credential management module within Fudo Enterprise that extends traditional Privileged Access Management (PAM) capabilities. It provides encrypted storage, lifecycle management, controlled access, and full auditability of sensitive credentials and other secret data.

The module supports secure storage and management of:

• Passwords

• SSH keys

• X.509 certificates

• API keys

• Notes and structured secret data

Password Vault is designed for enterprise environments and supports hierarchical organization, role-based access control, time-limited access workflows, secret rotation, and full integration with other Fudo Enterprise components.

Key capabilities include:

• Multi-type secret storage

• Hierarchical collections (up to 5 levels)

• Role-based object rights with inheritance

• Just-in-Time access requests and approvals

• Secure secret sharing

• Complete audit trail and immutable history

• Integrated password and key generation

• Automated credential rotation

The following chapters describe the structural, security, and auditing components of the Password Vault module.

• Architecture Overview – Security Model
• Password Vault Structure
• Event Logging and Audit Trail