Skip to content

tarunfeb27/azure-identity-to-kubernetes

 
 

Repository files navigation

Azure Key Vault to Kubernetes

Build Status Go Report Card Release Tag Docker Pulls Docker Pulls

Azure Key Vault to Kubernetes (akv2k8s) makes Azure Key Vault secrets, certificates and keys available to your applications in Kubernetes, in a simple and secure way.

Documentation available at https://akv2k8s.io and join our Slack Workspace to ask questions to the akv2k8s community.

Overview

Azure Key Vault to Kubernetes (akv2k8s) has two components for handling Azure Key Vault Secrets in Kubernetes:

  • Azure Key Vault Controller
  • Azure Key Vault Env Injector

The Azure Key Vault Controller (Controller for short) is for synchronizing Secrets, Certificates and Keys from Azure Key Vault to native Secret's in Kubernetes.

The Azure Key Vault Env Injector (Env Injector for short) is a Kubernetes Mutating Webhook transparently injecting Azure Key Vault secrets as environment variables into programs running in containers, without touching disk or in any other way expose the actual secret content outside the program.

Goals

Goals for this project was:

  1. Avoid a direct program dependency on Azure Key Vault for getting secrets, and adhere to the 12 Factor App principle for configuration (https://12factor.net/config)
  2. Make it simple, secure and low risk to transfer Azure Key Vault secrets into Kubernetes as native Kubernetes secrets
  3. Securely and transparently be able to inject Azure Key Vault secrets as environment variables to applications, without having to use native Kubernetes secrets

All of these goals are met.

Installation

For installation instructions, see documentation at https://akv2k8s.io/installation/

Credits

Credit goes to Banzai Cloud for coming up with the original idea of environment injection for their bank-vaults solution, which they use to inject Hashicorp Vault secrets into Pods.

Contributing

Development of Azure Key Vault for Kubernetes happens in the open on GitHub, and encourage users to:

  • Send a pull request with
    • any security issues found and fixed
    • your new features and bug fixes
    • updates and improvements to the documentation
  • Report issues on security or other issues you have come across
  • Help new users with issues they may encounter
  • Support the development of this project and star this repo!

Code of Conduct

Sparebanken Vest has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.

License

Azure Key Vault to Kubernetes is licensed under Apache License 2.0.

Contribute to the Documentation

The documentation is located at docs/source/content. We're using Gatsby + MDX (Markdown + JSX) to generate static docs for https://akv2k8s.io. See docs/README.md for details.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 62.1%
  • Makefile 17.5%
  • Dockerfile 11.6%
  • Shell 8.8%