aad-pod-identity
Pulumi
Our great sponsors
aad-pod-identity | Pulumi | |
---|---|---|
7 | 178 | |
570 | 19,705 | |
- | 3.1% | |
0.0 | 9.9 | |
7 months ago | 7 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aad-pod-identity
-
Managed Identiy to Connect AKS with Azure SQL
Can someone please help me with a step by step guide to perform this. https://github.com/Azure/aad-pod-identity Blog I am referring: https://trstringer.com/connect-k8s-apps-msi/
-
Anyone in here using AAD Pod Identity?
Link to my direct issue on the GitHub site: https://github.com/Azure/aad-pod-identity/discussions/1320
-
Obtain Azure access token from a local Docker container
Q: So how am I supposed to log in to Azure so that my app can obtain tokens? A: I tell devs: For local development log in to Azure CLI with your normal user account. It has Contributor over your Dev/Test subscription and you can access secrets and configuration from their Dev/Test Key Vaults. For staging and production running in Azure (in our case Docker containers running on AKS) we use User-Assigned Managed Identity and aad-pod-identity project. This managed identity has least-privilege permissions over staging and production environments to do it's job at runtime.
-
Use Azure AD workload identity to securely access Azure services or resource from your Kubernetes cluster
The existing Azure AD Pod Identity project addresses this need. However, the Azure AD workload identity approach is simpler to use and deploy, and overcomes several limitations in Azure AD Pod Identity:
-
Implement Azure AD Workload Identity on AKS with terraform
As described on the documentation, azwi is the suggested approach from now on since Azure AD Pod Identity has been (somehow) deprecated as you can read on the github repo and on the blog post here.
- Required permissions to backup and restore database in K8s cluster to Azure Blob storage
-
Authenticating to SQL Server from a containerized service
Unfortunately, password maintenance and rotation is a chore and has to be done in both places. There are however other things that you might want to try. 1. Kerberos authentication in pure container environments. This is something you can do on any Linux environment that is connected to AD. 2. Use AAD pod identity (https://github.com/Azure/aad-pod-identity) if running from AKS, but it is still in preview.
Pulumi
-
How To Implement AWS SSB Controls in Terraform - Part 4
If you are following this blog series, you should already know the benefits of using Terraform to define and deploy your AWS resources and configuration. Other IaC solutions such as AWS CloudFormation, AWS CDK, and Pulumi work the same way but differs in the programming or configuration language.
-
The 2024 Web Hosting Report
Infrastructure as Code (IaC) is an important part of any true hosting operation in the public cloud. Each of these platforms has their own IaC solution, e.g. AWS CloudFormation. But they also support popular open-source IaC tools like Pulumi or Terraform. A category of tools that also needs to be discussed is API gateways and other app-specific load balancers. There are applications for internal consumption, which can be called microservices if you have a lot of them. And often microservices use advanced networking options such as a service mesh instead of just the native private network offered by a VPC.
-
systemd by example (2021)
funny, to me systemd == no docker, no containers, just a VM.
it's my goto way to keep my programming running and have it be restarted if the vm reboots. I use VMs like "pods". I deploy code directly to the VM and run it there along with other programs. I scale up an scale down with: https://www.pulumi.com/
-
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
Pulumi โ Modern infrastructure as a code platform that allows you to use familiar programming languages and tools to build, deploy, and manage cloud infrastructure.
-
Playing devil's advocate with Terraform
A move like this may have an impact in other open source projects. Take Pulumi, for instance, people might avoid choosing it now that the Linux Foundation have its own IaC tool, and for newer, smaller projects it will probably be impossible to compete with a project under the Linux name.
- Pulumi โ open-source Infrastructure as Code in any language
-
Best way to deploy K8s to single VPS for dev environment
Another alternative to writing an operator would be to rely on kustomize or https://www.pulumi.com/.
-
โกโก Level Up Your Cloud Experience with These 7 Open Source Projects ๐ฉ๏ธ
Pulumi
-
Show HN: Togomak โ declarative pipeline orchestrator based on HCL and Terraform
Would it make sense to say Dagger is to Pulumi [1], as Terraform is to Togomak?
[1]: https://www.pulumi.com/
-
The Complete Microservices Guide
Infrastructure as Code (IaC): Define your infrastructure using code (IaC) to automate the provisioning of resources such as virtual machines, load balancers, and databases. Tools like Terraform, Pulumi, and AWS CloudFormation can help.
What are some alternatives?
application-gateway-kubernetes-ingress - This is an ingress controller that can be run on Azure Kubernetes Service (AKS) to allow an Azure Application Gateway to act as the ingress for an AKS cluster.
terraform-cdk - Define infrastructure resources using programming constructs and provision them using HashiCorp Terraform
externalsecret-operator - An operator to fetch secrets from cloud services and inject them in Kubernetes
cdk8s - Define Kubernetes native apps and abstractions using object-oriented programming
aks-engine - AKS Engine: legacy tool for Kubernetes on Azure (see status)
terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
cloudpods - A cloud-native open-source unified multi-cloud and hybrid-cloud platform. ๅผๆบใไบๅ็็ๅคไบ็ฎก็ๅๆททๅไบ่ๅๅนณๅฐ
crossplane - The Cloud Native Control Plane
kots - KOTS provides the framework, tools and integrations that enable the delivery and management of 3rd-party Kubernetes applications, a.k.a. Kubernetes Off-The-Shelf (KOTS) Software.
bicep - Bicep is a declarative language for describing and deploying Azure resources
azure-sdk-for-net - This repository is for active development of the Azure SDK for .NET. For consumers of the SDK we recommend visiting our public developer docs at https://learn.microsoft.com/dotnet/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-net.
Ansible - Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.