The VMware Secrets Manager (VSecM) architecture consists of the following main system components:
- SPIRE: Acting as the identity control plane.
- VSecM Safe: The secure secrets store.
- VSecM Sentinel: Entry point to the system where secrets can be registered to the workloads.
- VSecM Keystone: A pod that is enabled only when the entire VSecM system reconciles.
For more details, you can view the full architecture documentation here.