Kubernetes Secrets Store CSI Driver

Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a Container Storage Interface (CSI) volume.

The Secrets Store CSI driver secrets-store.csi.k8s.io allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container's file system.

Want to help?

Join us to help define the direction and implementation of this project!

• Join the #csi-secrets-store channel on Kubernetes Slack.
• Join the Mailing list to receive notifications for releases, security announcements, etc.
• Use GitHub Issues to file bugs, request features, or ask questions asynchronously.
• Join biweekly community meetings to discuss development, issues, use cases, etc.

Features

• Mounts secrets/keys/certs to pod using a CSI volume
• Supports CSI Inline volume (Kubernetes version v1.15+)
• Supports mounting multiple secrets store objects as a single volume
• Supports multiple secrets stores as providers. Multiple providers can run in the same cluster simultaneously.
• Supports pod portability with the SecretProviderClass CRD
• Supports windows containers (Kubernetes version v1.18+)
• Supports sync with Kubernetes Secrets (Secrets Store CSI Driver v0.0.10+)
• Supports multiple secrets stores providers in the same cluster.

Demo

Getting Started

Check out the installation instructions to deploy the Secrets Store CSI Driver and providers. Get familiar with our CRDs and core components

Documentation

Please see the docs for more in-depth information and supported features.

Code of conduct

Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.