kube-secrets-init
kiam
kube-secrets-init | kiam | |
---|---|---|
4 | 5 | |
146 | 1,144 | |
-0.7% | - | |
3.9 | 3.9 | |
5 months ago | 2 months ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kube-secrets-init
- EKS pods using IRSA (IAM auth per pod) to access AWS Secrets WITHOUT creating K8s secret?
-
Application Repository Structure Tips - Source/Docker/Kubernetes/Helm
Thanks i'll have a look at secrets-init soon, assume you mean https://github.com/doitintl/kube-secrets-init?
-
Automatically inject cloud secrets into GKE/AWS Pods
The kube-secret-init is a Kubernetes mutating admission webhook, that mutates any K8s Pod that is using specially prefixed environment variables, directly or from Kubernetes as Secret or ConfigMap and inject secrets from Cloud Secrets Management services.
-
aws secret manager with k8s
we've had success with this: https://github.com/doitintl/kube-secrets-init
kiam
-
AWS Access Keys - A Reference
IMDS for the underlying nodes, if EKS on EC2 is deployed and kiam or similar isn't deployed
-
Application using multiple aws users
Take a look at this GitHub project- https://github.com/uswitch/kiam
- 5 Razones de por qué aprender EKS practicando
-
5 Reasons why to learn EKS practicing
There are multiple solutions for this like Kube2IAM, KIAM, and IAM Roles for Service Accounts which, if we are in AWS and EKS (running in EC2 instances), this one is my go-to 😎.
-
[AWS-EFS][IAM] AWS EFS CSI instructions say to use a service account w/ IAM role association, but is it possible with KIAM instead?
How Kiam provides a pod with the AWS role credentials is by intercepting API calls to the metadata service (technical details here & here).
What are some alternatives?
berglas - A tool for managing secrets on Google Cloud
amazon-eks-pod-identity-webhook - Amazon EKS Pod Identity Webhook
argocd-vault-plugin - An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets
kube2iam - kube2iam provides different AWS IAM roles for pods running on Kubernetes
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes [Moved to: https://github.com/external-secrets/kubernetes-external-secrets]
aws-efs-csi-driver - CSI Driver for Amazon EFS https://aws.amazon.com/efs/
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
aws-sdk-go - AWS SDK for the Go programming language.
aws-sso-cli - A powerful tool for using AWS Identity Center for the CLI and web console.
client-go - Go client for Kubernetes.
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes