GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → SparebankenVest → Azure Key Vault To Kubernetes

SparebankenVest / Azure Key Vault To Kubernetes

Licence: apache-2.0
Azure Key Vault to Kubernetes (akv2k8s for short) makes it simple and secure to use Azure Key Vault secrets, keys and certificates in Kubernetes.

Programming Languages

go
31211 projects - #10 most used programming language

Labels

kubernetesazurecontrollervaultsecrets

Projects that are alternatives of or similar to Azure Key Vault To Kubernetes

Gardener
Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, EquinixMetal, vSphere, MetalStack, and Kubevirt with minimal TCO.
Stars: ✭ 2,093 (+727.27%)
Mutual labels:  azure, controller
Daytona
a vault client, but for containers and servers.
Stars: ✭ 255 (+0.79%)
Mutual labels:  vault, secrets
Ops Cli
Ops - cli wrapper for Terraform, Ansible, Helmfile and SSH for cloud automation
Stars: ✭ 152 (-39.92%)
Mutual labels:  azure, vault
Vault Secrets Gen
A Vault secrets plugin for generating high entropy passwords and passphrases.
Stars: ✭ 238 (-5.93%)
Mutual labels:  vault, secrets
secrets cli
CLI for storing and reading your secrets via vault
Stars: ✭ 24 (-90.51%)
Mutual labels:  vault, secrets
Kubernetes Reflector
Custom Kubernetes controller that can be used to replicate secrets, configmaps and certificates.
Stars: ✭ 129 (-49.01%)
Mutual labels:  controller, secrets
vault-sidecar-injector
Kubernetes admission webhook for secure, seamless and dynamic handling of secrets in your applications
Stars: ✭ 55 (-78.26%)
Mutual labels:  vault, secrets
Catesta
Catesta is a PowerShell module project generator. It uses templates to rapidly scaffold test and build integration for a variety of CI/CD platforms.
Stars: ✭ 88 (-65.22%)
Mutual labels:  vault, secrets
thycotic.secretserver
PowerShell module for automating with Thycotic Secret Server REST API
Stars: ✭ 41 (-83.79%)
Mutual labels:  vault, secrets
teller
Cloud native secrets management for developers - never leave your command line for secrets.
Stars: ✭ 998 (+294.47%)
Mutual labels:  vault, secrets
Hashicorp Vault Plugin
Jenkins plugin to populate environment variables from secrets stored in HashiCorp's Vault.
Stars: ✭ 191 (-24.51%)
Mutual labels:  vault, secrets
k8s-vault-webhook
A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers
Stars: ✭ 107 (-57.71%)
Mutual labels:  vault, secrets
Spring Vault
Provides familiar Spring abstractions for HashiCorp Vault
Stars: ✭ 179 (-29.25%)
Mutual labels:  vault, secrets
Bank Vaults
A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.
Stars: ✭ 1,316 (+420.16%)
Mutual labels:  azure, vault
Helm Secrets
Successor of zendesk/helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere
Stars: ✭ 165 (-34.78%)
Mutual labels:  vault, secrets
vault-monkey
Extract secrets from your vault in a multi-machine cluster environment.
Stars: ✭ 12 (-95.26%)
Mutual labels:  vault, secrets
Vault Guides
Example usage of HashiCorp Vault secrets management
Stars: ✭ 636 (+151.38%)
Mutual labels:  vault, secrets
Drone Vault
Drone plugin for integrating with the Vault secrets manager
Stars: ✭ 36 (-85.77%)
Mutual labels:  vault, secrets
carvel-secretgen-controller
secretgen-controller provides CRDs to specify what secrets need to be on Kubernetes cluster (to be generated or not)
Stars: ✭ 54 (-78.66%)
Mutual labels:  controller, secrets
polymerase
A tool for populating templates with environment variables and Vault values
Stars: ✭ 84 (-66.8%)
Mutual labels:  vault, secrets
View All Similar Projects ➔

Azure Key Vault to Kubernetes

Build Status Go Report Card Release Tag Docker Pulls Docker Pulls

Azure Key Vault to Kubernetes (akv2k8s) makes Azure Key Vault secrets, certificates and keys available to your applications in Kubernetes, in a simple and secure way.

Documentation available at https://akv2k8s.io. Join our Slack Workspace to ask questions to the akv2k8s community.

Please spare one minute to take our survey: https://www.surveymonkey.com/r/HMFZVYR. Why? We have no ide how many are using Akv2k8s, except through user interaction here on GitHub. More importantly - what can we do to make Akv2k8s even better?

Overview

Azure Key Vault to Kubernetes (akv2k8s) will make Azure Key Vault objects available to Kubernetes in two ways:

  • As native Kubernetes Secrets
  • As environment variables directly injected into your Container application

The Azure Key Vault Controller (Controller for short) is responsible for synchronizing Secrets, Certificates and Keys from Azure Key Vault to native Secret's in Kubernetes.

The Azure Key Vault Env Injector (Env Injector for short) is responsible for transparently injecting Azure Key Vault secrets as environment variables into Container applications, without touching disk or expose the actual secret to Kubernetes.

Goals

Goals for this project was:

  1. Avoid a direct program dependency on Azure Key Vault for getting secrets, and adhere to the 12 Factor App principle for configuration (https://12factor.net/config)
  2. Make it simple, secure and low risk to transfer Azure Key Vault secrets into Kubernetes as native Kubernetes secrets
  3. Securely and transparently be able to inject Azure Key Vault secrets as environment variables to applications, without having to use native Kubernetes secrets

All of these goals are met.

Installation

For installation instructions, see documentation at https://akv2k8s.io/installation/

Credits

Credit goes to Banzai Cloud for coming up with the original idea of environment injection for their bank-vaults solution, which they use to inject Hashicorp Vault secrets into Pods.

Contributing

Development of Azure Key Vault for Kubernetes happens in the open on GitHub, and encourage users to:

  • Send a pull request with
    • any security issues found and fixed
    • your new features and bug fixes
    • updates and improvements to the documentation
  • Report issues on security or other issues you have come across
  • Help new users with issues they may encounter
  • Support the development of this project and star this repo!

Code of Conduct

Sparebanken Vest has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.

License

Azure Key Vault to Kubernetes is licensed under Apache License 2.0.

Contribute to the Documentation

The documentation is located in a seperate repository at https://github.com/SparebankenVest/akv2k8s-website. We're using Gatsby + MDX (Markdown + JSX) to generate static docs for https://akv2k8s.io.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].