azure-key-vault-to-kubernetes
keyvault-acmebot
azure-key-vault-to-kubernetes | keyvault-acmebot | |
---|---|---|
5 | 9 | |
420 | 836 | |
0.5% | - | |
6.1 | 7.6 | |
15 days ago | 5 days ago | |
Go | C# | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
azure-key-vault-to-kubernetes
-
Need Help Understanding Ingress Controller TLS (AKS)
I used the following stack to generate and sync my certificate : Generation of certs to Keyvault : https://github.com/shibayan/keyvault-acmebot Keyvault cert to AKS sync : https://akv2k8s.io/
-
Best method of setting up TLS on AKS
Can any one either break down how to use the cert I generated in keyvault or suggest another method that's worked for them? I tried using akv2k8s.io which hasn't worked and others have encountered similar problems suggesting they've only got self-signed certs to work.
- Azure AKS/Container App can't access Key vault using managed identity
-
I've been collecting a list of k8s/container tools and sorting them by the number of stars in Github, so far the most complete k8s/container list I know of with almost 250 entries - hoping this is useful for someone else besides me - looking for feedback, ideas for improvement and contributors
Thank you for the kind words. I've added https://github.com/SparebankenVest/azure-key-vault-to-kubernetes to a branch that will be on main soon. Thanks.
-
How to add k8 cluster to access secrets in vault with RBAC
How do I give the cluster permission with RBAC? (GitHub question here: https://github.com/SparebankenVest/azure-key-vault-to-kubernetes/issues/330)
keyvault-acmebot
- How do you keep track / manage your SSL certificates?
-
Need Help Understanding Ingress Controller TLS (AKS)
I used the following stack to generate and sync my certificate : Generation of certs to Keyvault : https://github.com/shibayan/keyvault-acmebot Keyvault cert to AKS sync : https://akv2k8s.io/
-
gRPC + Reverse Proxy
So far I've been able to set up Keyvault Acmebot, and that seems to be working very well, but the piece that's eluding me is a functional gRPC reverse proxy. Is there a set of tools in Azure that can handle this?
-
How do you request and manage certificates on the application gateway level?
I’ve used https://github.com/shibayan/keyvault-acmebot before and loved it if you can stand the occasional click ops.
-
Nginx Proxy Manager in Azure (as MS service)?
App Gateway does have manual certs, yes, but it can do redirection (HTTP 30x). I've used it personally with keyvault-acmebot to handle Let's Encrypt certificates and renewals.
-
Wildcard SSL for inward-only facing, non-critical, non -PHI, non-confidential systems?
If you happen to be using things in Azure already (or are okay with adding a few), I've found this solution to be very useful https://github.com/shibayan/keyvault-acmebot as it just drops the certificates in Azure KeyVault and keeps them updated.
-
Azure equivalent of Amazon's ACM?
I use this in production at my job and love it: https://github.com/shibayan/keyvault-acmebot
- Web cert questions
-
Azure Key Vault Certificates with Let’s Encrypt as the Issuer CA
Really you should automate this process. I suggest keyvault-acmebot https://github.com/shibayan/keyvault-acmebot
What are some alternatives?
argocd-vault-replacer - An Argo CD plugin to replace placeholders in Kubernetes manifests with secrets stored in Hashicorp Vault.
Posh-ACME - PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
quorum-key-manager - A universal Key & Account Management solution for blockchain applications.
win-acme - A simple ACME client for Windows (for use with Let's Encrypt et al.)
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
gardener - Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
app-service-announcements - Subscribe to this repo to be notified about major changes in App Service
awesome-k8s-tools - List of container/k8s tools.
letsencrypt-siteextension - Azure Web App Site Extension for easy installation and configuration of Let's Encrypt issued SSL certifcates for custom domain names.
secretgen-controller - secretgen-controller provides CRDs to specify what secrets need to be on Kubernetes cluster (to be generated or not)
OnDotNetConfiguration - A sample ASP.NET Core 5.0 Blazor Server app to accompany the On .NET episodes